A flaw in the way rsych, a synchronization tool for Linux, uses signed and unsigned numbers could be exploited to run arbitrary code on the affected machine. For Debian users, more information and a link to the appropriate patch should be posted shortly at: http://www.debian.org/security/2002/Red Hat: https://www.redhat.com/support/errata/RHSA-2002-018.htmlConectiva: http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000458EnGarde: http://www.linuxsecurity.com/advisories/other_advisory-1853.htmlSuSE: http://lists2.suse.com/archive/suse-security-announce/2002-Jan/0003.html