Lucene search
HistoryFeb 21, 2005 - 5:00 a.m.
CVE-2004-1701
cve-2004-1701
buffer overflow
authenticationdialogue
cfengine
remote code execution
rsa authentication
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
Low
0.133 Low
EPSS
Percentile
95.6%
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
Affected configurations
Node
gnucfengineMatch2.0.0
ORgnucfengineMatch2.0.1
ORgnucfengineMatch2.0.2
ORgnucfengineMatch2.0.3
ORgnucfengineMatch2.0.4
ORgnucfengineMatch2.0.5
ORgnucfengineMatch2.0.5b1
ORgnucfengineMatch2.0.5pre
ORgnucfengineMatch2.0.5pre2
ORgnucfengineMatch2.0.6
ORgnucfengineMatch2.0.7
ORgnucfengineMatch2.0.7p1
ORgnucfengineMatch2.0.7p2
ORgnucfengineMatch2.0.7p3
ORgnucfengineMatch2.0.8
ORgnucfengineMatch2.0.8p1
ORgnucfengineMatch2.1.0a6
ORgnucfengineMatch2.1.0a8
ORgnucfengineMatch2.1.0a9
ORgnucfengineMatch2.1.7p1
References
Related
debiancve
debiancve
CVE-2004-1701
2004-08-09 04:00:00
nvd
nvd
CVE-2004-1701
2004-08-09 04:00:00
cvelist
cvelist
CVE-2004-1701
2005-02-21 05:00:00
gentoo
gentoo
Cfengine: RSA Authentication Heap Corruption
2004-08-10 00:00:00
nessus
nessus
GLSA-200408-08 : Cfengine: RSA Authentication Heap Corruption
2004-08-30 00:00:00
Cfengine AuthenticationDialogue() Function Remote Overflow
2004-08-20 00:00:00
openvas
openvas
cfengine AuthenticationDialogue vulnerability
2005-11-03 00:00:00
Gentoo Security Advisory GLSA 200408-08 (Cfengine)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200408-08 (Cfengine)
2008-09-24 00:00:00
10 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
7.9 High
AI Score
Confidence
Low
0.133 Low
EPSS
Percentile
95.6%
Related for CVE-2004-1701