PT-2008-1008 · Rsync · Rsync

Published: 2008-04-10 · Updated: 2023-02-13 · CVE-2008-1720

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

rsync versions 2.6.9 through 3.0.1

Description

The issue affects the rsync package, potentially leading to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be carried out remotely. A buffer overflow in rsync, particularly with extended attribute (xattr) support enabled, might allow remote attackers to execute arbitrary code.

Recommendations

For rsync versions 2.6.9 through 3.0.1, update to a version later than 3.0.1 to resolve the issue. As a temporary workaround, consider disabling extended attribute (xattr) support until a patch is available. Restrict access to rsync to minimize the risk of exploitation.

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

BDU:2015-01294
BDU:2015-09637
CVE-2008-1720
DSA-1545-1

Affected Products

Rsync