rsync Vulnerability: HEADS UP


Post by geo_c »

I just stumbled on this and thought it might be of interest:

https://www.openwall.com/lists/oss-secu ... 22/08/02/1

> We have discovered a critical arbitrary file write vulnerability in the rsync utility that allows malicious remote servers to write arbitrary files inside the directories of connecting peers. The server chooses which files/directories are sent to the client. Due to the insufficient controls inside the [do_server_recv](https://github.com/WayneD/rsync/blob/85 ... in.c#L1118) function, a malicious rsync server (or Man-in-the-Middle attacker) can overwrite arbitrary files in the rsync client target directory and subdirectories. An attacker abusing this vulnerability can overwrite critical files under the target rsync directory and subdirectories (for example, to overwrite the .ssh/authorized_keys file).
>
> Best regards, Ege BALCI, Taha HAMAD.

geo_c
Old School Hipster, and Such
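The quoted advisory comes down to one design flaw: the sender builds the file list and the receiver writes whatever it is told. The defence that upstream shipped for this bug (CVE-2022-29154, fixed in rsync 3.2.5, which also added `--trust-sender` to turn the check off) is for the receiving side to compare every received name against what it actually requested, and to re-apply its own excludes, before touching the filesystem. The script below is an added illustration of that receiver-side check and is not rsync's own code; the host name `backup-host`, the file lists and the exclude patterns are constructed for the example, and the exclude matching is a simplified version of rsync's real filter rules.

```python
"""Receiver-side file-list check, modelled on the defence for the rsync bug
quoted above (CVE-2022-29154, fixed upstream in rsync 3.2.5).

Added example, not rsync's own code: the sender chooses the file list, so
the receiver must compare every received name against what it asked for
(and against its own excludes) before writing anything. Hosts, names and
file lists below are constructed for the example.
"""
import fnmatch
import posixpath
import re

FIXED_VERSION = (3, 2, 5)  # first upstream release with the file-list checks


def expected_top_names(requested_args):
    """Top-level names the sender may legitimately put in the file list.

    'host:dir/' or 'host:'  -> contents transfer, any top-level name (None)
    'host:dir'              -> exactly 'dir'
    'host:dir/file'         -> exactly 'file'
    """
    names = set()
    for arg in requested_args:
        path = arg.split(":", 1)[1] if ":" in arg else arg
        if path in ("", ".") or path.endswith("/"):
            return None
        names.add(posixpath.basename(path))
    return names


def escapes_destination(name):
    """True for names that would land outside the destination directory."""
    if name.startswith("/"):
        return True
    parts = name.split("/")
    return ".." in parts or "" in parts[:-1]


def matches_exclude(name, patterns):
    """Simplified rsync exclude semantics: a pattern without '/' matches any
    path component, a pattern with '/' matches the whole relative name."""
    parts = name.split("/")
    for pat in patterns:
        if "/" in pat:
            if fnmatch.fnmatchcase(name, pat.lstrip("/")):
                return True
        elif any(fnmatch.fnmatchcase(p, pat) for p in parts):
            return True
    return False


def check_file_list(requested_args, received_names, excludes=(), recursive=True):
    """Split a sender-supplied file list into (accepted, rejected).

    rejected is a list of (name, reason) pairs; nothing in it may be written.
    """
    allowed_top = expected_top_names(requested_args)
    accepted, rejected = [], []
    for name in received_names:
        if escapes_destination(name):
            rejected.append((name, "escapes destination"))
        elif allowed_top is not None and name.split("/", 1)[0] not in allowed_top:
            rejected.append((name, "top-level name not requested"))
        elif "/" in name and not recursive:
            rejected.append((name, "subdirectory entry without -r"))
        elif matches_exclude(name, excludes):
            rejected.append((name, "matches client exclude"))
        else:
            accepted.append(name)
    return accepted, rejected


def rsync_has_fix(version_output):
    """Parse the first line of `rsync --version` and compare with 3.2.5.

    Caveat: distributions backport fixes, so an older version string does not
    prove the binary is vulnerable; check the distro advisory as well.
    """
    m = re.search(r"version\s+(\d+)\.(\d+)\.(\d+)", version_output)
    if not m:
        raise ValueError("unrecognised rsync --version output")
    return tuple(int(x) for x in m.groups()) >= FIXED_VERSION


# Constructed scenario 1: the client asked for two dotfiles into $HOME; the
# sender adds an SSH key file and two names that try to leave the directory.
REQUESTED = ["backup-host:dotfiles/.bashrc", "backup-host:dotfiles/.profile"]
MALICIOUS_LIST = [".bashrc", ".profile", ".ssh/authorized_keys",
                  "../.bash_logout", "/etc/passwd"]

# Constructed scenario 2: a contents transfer (trailing slash), where any
# top-level name is legitimate, so the client's own excludes do the work.
REQUESTED_TREE = ["backup-host:photos/"]
EXCLUDES = [".ssh", "*.sh"]
TREE_LIST = ["2022/a.jpg", ".ssh/authorized_keys", "run.sh", "2022/notes.txt"]

if __name__ == "__main__":
    for args, names, excl in ((REQUESTED, MALICIOUS_LIST, ()),
                              (REQUESTED_TREE, TREE_LIST, EXCLUDES)):
        ok, bad = check_file_list(args, names, excl)
        print("accepted:", ok)
        for name, why in bad:
            print(f"rejected: {name!r}: {why}")
    print("fixed:", rsync_has_fix("rsync  version 3.2.7  protocol version 31"))
```

The two scenarios show why the top-level name check alone is not enough: with a trailing-slash source the client has asked for "everything under that directory", so only its own exclude rules stand between a hostile sender and `.ssh/authorized_keys` in the destination. On a real system, run `rsync --version` and feed the first line to `rsync_has_fix`, remembering that a distro-patched older build may already carry the fix.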
