Skip to main content

Rsync Vulnerability

Comments

4 comments

  • cPRex Jurassic Moderator

    Hey there!  Unfortunately this one isn't up to cPanel as rsync is handled by the operating system.  At this time, neither RedHat nor AlmaLinux has patched this issue.  Ubuntu released a patch 2 days ago to resolve this:

    https://ubuntu.com/blog/rsync-remote-code-execution

    but at this time waiting for the OSs to patch it is the best plan.

    If you block port 873 and 8873 on your system that would also mitigate any issues, although that would keep rsync from functioning, as expected.  The only issue that could be related to cPanel with this work is if you have a remote rsync backup destination - any local backups wouldn't be vulnerable as this requires something external to the machine to be exploited.

    1
  • nootkan

    cPRex, thanks for your reply.  I will wait for Almalinux to patch it.  I do have port 873 blocked for both tcp in and out but didn't know about port 8873.  Also the only backup I have in place is weekly for all accounts on server to a backup drive on the same server.  Am I correct in assuming then I needn't be worried based on your comment that local backups won't be vulnerable? If so, I will remove the port blocks to ensure my backups still continue.  Thanks again for the clarification.

    0
  • cPRex Jurassic Moderator

    That's correct - if you have those closed you're all set!

    1
  • nootkan

    Okay thanks!

    0

Please sign in to leave a comment.