CVE-2011-1097

Name of the Vulnerable Software and Affected Versions rsync versions 3.0.6 through 3.0.7 rsync version 3.x before 3.0.8

Description The issue allows remote rsync servers to cause a denial of service or possibly execute arbitrary code via malformed data when certain recursion, deletion, and ownership options are used. This can lead to a violation of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be carried out remotely.

Recommendations For rsync versions 3.0.6 through 3.0.7, update to version 3.0.8 or later. For rsync version 3.x before 3.0.8, update to version 3.0.8 or later. As a temporary workaround, consider restricting access to the rsync server to minimize the risk of exploitation.