CVE-2015-0932

Name of the Vulnerable Software and Affected Versions ANTlabs InnGate firmware versions on IG 3100, IG 3101, InnGate 3.00 E, InnGate 3.01 E, InnGate 3.02 E, InnGate 3.10 E, InnGate 3.01 G, and InnGate 3.10 G

Description The issue allows remote attackers to read or write to arbitrary files via TCP traffic on port 873, due to the lack of authentication requirement for rsync sessions.

Recommendations For all affected versions, consider restricting access to TCP port 873 to minimize the risk of exploitation. As a temporary workaround, restrict rsync sessions to only trusted sources until a patch is available.