CVE-2002-0080

UNKNOWN

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed

Published Jun 25, 2002

Modified 1 years ago

Details

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.

References

ADVISORY

http://www.caldera.com/support/security/advisories/CSSA-2002-014.1.txt

WEB

http://www.iss.net/security_center/static/8463.php

ADVISORY

http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-024.php3

ADVISORY

http://www.redhat.com/support/errata/RHSA-2002-026.html

WEB

http://www.securityfocus.com/bid/4285

ADVISORY