VULHUB ™

It is reported that RsyncX is prone to a local privilege escalation vulnerability. RsyncX is installed setuid root and setgid wheel. It is reported that RsyncX drops root privileges properly but fails to drop setgid wheel privileges before executing a third party binary. A local attacker may exploit this vulnerability to execute arbitrary code with group wheel privileges.

It is reported that RsyncX is prone to a local privilege escalation vulnerability. RsyncX is installed setuid root and setgid wheel. It is reported that RsyncX drops root privileges properly but fails to drop setgid wheel privileges before executing a third party binary. A local attacker may exploit this vulnerability to execute arbitrary code with group wheel privileges.