RSS   Vulnerabilities for 'Cfengine'   RSS

2005-10-05
 
CVE-2005-3137

 

 
The (1) cfmailfilter and (2) cfcron.in files for cfengine 1.6.5 allow local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CVE-2005-2960.

 
 
CVE-2005-2960

 

 
cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.

 
2004-08-09
 
CVE-2004-1702

 

 
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).

 
 
CVE-2004-1701

 

 
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.

 
2003-11-17
 
CVE-2003-0849

 

 
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.

 
2000-12-19
 
CVE-2000-0947

 

 
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.

 

 >>> Vendor: GNU 88 Products
INET
LIBC
Fingerd
WGET
BASH
Finger service
Gnumeric
MAKE
Emacs
Glibc
Mailman
Userv
Groff
Cfengine
Privacy guard
ED
G++
GCC
Findutils
GZIP
TAR
Radius
Enscript
ZLIB
Sharutils
Chess
Fileutils
Screen
Data display debugger
Zebra
LSH
Libtool
Anubis
FLIM
Aspell
Queue
Ksymoops
Gnats
Gettext
Mailutils
A2PS
Realtime linux security module
LESS
Gnubiff
Gnutls
Xemacs
Coreutils
CPIO
GDB
Phpbook
Texinfo
Gnump3d
Binutils
GV
Libtool-ltdl
Gpgme
Gnumail
Iceweasel
Flash player
GIMP
Tramp
Libcdio
M4
SCCS
Grub legacy
ADNS
Ibackup
Escript
Classpath
Gnu screen
Automake
Grub 2
NANO
Gnash
Gnu patch
Eglibc
Libtasn1
Libiberty
GREP
Libmicrohttpd
RUSH
GRUB
Readline
Patch
Parallel
Grub2
Libidn
Guile


Copyright 2017, cxsecurity.com