A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.

OverTheWire


The wargames offered by the OverTheWire community can help you to learn and practice security concepts in the form of fun-filled games.

Listed: