Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2005-2960
HistoryOct 05, 2005 - 7:02 p.m.

CVE-2005-2960

2005-10-0519:02:00
[email protected]
web.nvd.nist.gov
1

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON

cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.

Affected configurations

NVD
Node
gnucfengineMatch1.5
OR
gnucfengineMatch1.5.3-4
OR
gnucfengineMatch1.6a10
OR
gnucfengineMatch1.6a11
OR
gnucfengineMatch1.6.5
OR
gnucfengineMatch2.0.0
OR
gnucfengineMatch2.0.1
OR
gnucfengineMatch2.0.2
OR
gnucfengineMatch2.0.3
OR
gnucfengineMatch2.0.4
OR
gnucfengineMatch2.0.5
OR
gnucfengineMatch2.0.5b1
OR
gnucfengineMatch2.0.5pre
OR
gnucfengineMatch2.0.5pre2
OR
gnucfengineMatch2.0.6
OR
gnucfengineMatch2.0.7
OR
gnucfengineMatch2.0.7p1
OR
gnucfengineMatch2.0.7p2
OR
gnucfengineMatch2.0.7p3
OR
gnucfengineMatch2.0.8
OR
gnucfengineMatch2.0.8p1
OR
gnucfengineMatch2.1.0a6
OR
gnucfengineMatch2.1.0a8
OR
gnucfengineMatch2.1.0a9
OR
gnucfengineMatch2.1.7p1
OR
gnucfengineMatch2.1.8
OR
gnucfengineMatch2.1.9
OR
gnucfengineMatch2.1.16
Node
debiandebian_linuxMatch3.1
OR
debiandebian_linuxMatch3.1alpha
OR
debiandebian_linuxMatch3.1amd64
OR
debiandebian_linuxMatch3.1arm
OR
debiandebian_linuxMatch3.1hppa
OR
debiandebian_linuxMatch3.1ia-32
OR
debiandebian_linuxMatch3.1ia-64
OR
debiandebian_linuxMatch3.1m68k
OR
debiandebian_linuxMatch3.1mips
OR
debiandebian_linuxMatch3.1mipsel
OR
debiandebian_linuxMatch3.1ppc
OR
debiandebian_linuxMatch3.1s-390
OR
debiandebian_linuxMatch3.1sparc

Related

debiancve 2
openvas 6
ubuntu 1
ubuntucve 2
cvelist 2
osv 2
nessus 5
cve 2
securityvulns 1
nvd 1
freebsd 1
debian 4
debiancve
debiancve
CVE-2005-3137
2005-10-05 19:02:00
CVE-2005-2960
2005-10-05 19:02:00
openvas
openvas
Debian: Security Advisory (DSA-835-1)
2008-01-17 00:00:00
Debian: Security Advisory (DSA-836-1)
2008-01-17 00:00:00
FreeBSD Ports: cfengine
2008-09-04 00:00:00
ubuntu
ubuntu
cfengine vulnerabilities
2005-10-10 00:00:00
ubuntucve
ubuntucve
CVE-2005-3137
2005-10-05 00:00:00
CVE-2005-2960
2005-10-05 00:00:00
cvelist
cvelist
CVE-2005-2960
2005-10-05 04:00:00
CVE-2005-3137
2005-10-05 04:00:00
osv
osv
cfengine - insecure temporary files
2005-10-01 00:00:00
cfengine2 - insecure temporary files
2005-10-01 00:00:00
nessus
nessus
Mandrake Linux Security Advisory : cfengine (MDKSA-2005:184)
2005-10-19 00:00:00
Debian DSA-835-1 : cfengine - insecure temporary files
2005-10-05 00:00:00
Ubuntu 4.10 / 5.04 : cfengine vulnerabilities (USN-198-1)
2006-01-15 00:00:00
cve
cve
CVE-2005-3137
2005-10-05 19:02:00
CVE-2005-2960
2005-10-05 19:02:00
securityvulns
securityvulns
[Full-disclosure] [USN-198-1] cfengine vulnerabilities
2005-10-10 00:00:00
nvd
nvd
CVE-2005-3137
2005-10-05 19:02:00
freebsd
freebsd
cfengine -- arbitrary file overwriting vulnerability
2005-10-01 00:00:00
debian
debian
[SECURITY] [DSA 836-1] New cfengine2 packages fix arbitrary file overwriting
2005-10-01 14:10:50
[SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting
2005-10-01 07:56:19
[SECURITY] [DSA 835-1] New cfengine packages fix arbitrary file overwriting
2005-10-01 07:56:19

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

JSON
Related for NVD:CVE-2005-2960
debiancve2openvas6ubuntu1ubuntucve2cvelist2osv2nessus5cve2securityvulns1nvd1freebsd1debian4