CVE-2007-4091

Name of the Vulnerable Software and Affected Versions: rsync versions prior to 2.6.9

Description: The issue is related to multiple off-by-one errors in the sender.c file of rsync, which could allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the f name function. This vulnerability may lead to a breach of confidentiality, integrity, and availability of protected information and can be exploited remotely.

Recommendations: For versions prior to 2.6.9, update to version 2.6.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the rsync service until the update is applied.