rsync -- off by one stack overflow

2007-08-15T00:00:00
ID AF8E3A0C-5009-11DC-8A43-003048705D5A
Type freebsd
Reporter FreeBSD
Modified 2007-08-23T00:00:00

Description

BugTraq reports:

The rsync utility is prone to an off-by-one buffer-overflow vulnerability. This issue is due to a failure of the application to properly bounds-check user-supplied input. Successfully exploiting this issue may allow arbitrary code-execution in the context of the affected utility.