USN-2171-1: rsync vulnerability
23 April 2014
rsync could be made to consume resources if it received specially crafted network traffic.
Releases
Packages
- rsync - fast, versatile, remote (and local) file-copying tool
Details
Ryan Finnie discovered that the rsync daemon incorrectly handled invalid
usernames. A remote attacker could use this issue to cause rsync to consume
resources, resulting in a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04
In general, a standard system update will make all the necessary changes.