219 matches found
Northern.tech CFEngine 信任管理问题漏洞
Northern.tech CfEngine is an open source configuration management solution from Northern.tech, Inc. It is used to securely manage It infrastructure. A security vulnerability exists in Northern.tech CFEngine Enterprise versions 3.15.0 through 3.15.4 that stems from the program's lack of SSL...
Northern.tech CfEngine 信息泄露漏洞
Northern.tech CfEngine is an open source configuration management solution from Northern.tech, Inc. It is used to securely manage It infrastructure. An information disclosure vulnerability exists in Northern.tech CFEngine Enterprise that stems from the Hub in CFEngine Enterprise 3.6.7 through...
CVE-2019-19394
Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...
CVE-2019-19394
Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...
Code injection
Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...
CVE-2019-19394
Northern.tech CFEngine Enterprise before 3.10.7, 3.11.x and 3.12.x before 3.12.3, 3.13.x, and 3.14.x allows XSS. This is fixed in 3.10.7, 3.12.3, and 3.15.0...
CVE-2019-19394
CVE-2019-19394 affects Northern.tech CFEngine Enterprise prior to version 3.10.7, and the 3.11.x and 3.12.x branches prior to 3.12.3, as well as 3.13.x and 3.14.x branches. The vulnerability is an XSS issue in the CFEngine Enterprise product. The applicable fixes are in CFEngine Enterprise releas...
CVE-2019-9929
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...
CVE-2019-9929
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...
Code injection
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...
CVE-2019-9929
CVE-2019-9929 concerns Northern.tech CFEngine Enterprise 3.12.1 with insecure permissions. The connected sources consistently describe the issue as an insecure-permissions vulnerability for CFEngine Enterprise 3.12.1. The available documentation does not specify the exact vulnerable file, compone...
CVE-2019-9929
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...
CVE-2019-9929
Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions...
CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/8699/info cfengine is prone to a stack-based buffer overrun vulnerability. This issue may be exploited by remote attackers who can send malicious transaction packets to cfservd. This issue is due to insufficient bounds...
CFEngine 2.0.x CFServD Transaction Packet Buffer Overrun Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/8699/info cfengine is prone to a stack-based buffer overrun vulnerability. This issue may be exploited by remote attackers who can send malicious transaction packets to cfservd. This issue is due to insufficient bounds...
GNU Cfengine 2.-2.0.3 - Remote Stack Overflow Exploit
No description provided by source. !/usr/bin/perl -s kokaninATdtors.net / cfengine2-2.0.3 from freebsd ports 26/sep/2003. forking portbind shellcode port=0xb0ef45295 by eSDee bug discovered by nick cleaton, tested on FreeBSD 4.8-RELEASE use IO::Socket; if!$ARGV1 print usage: ./DSR-cfengine.pl hos...
GNU CFEngine 2.0.x/2.1 AuthenticationDialogue Remote Heap Based Buffer Overrun Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/10899/info GNU cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue function. The issue exists due to a...
Mandrake Linux Security Advisory : cfengine (MDKSA-2000:061)
The GNU cfengine is an abstract programming language for system administrators of large heterogeneous networks, used for maintenance and administration. There are a number of string format vulnerabilities in syslog calls that can be abused to either make the cfengine program segfault and die or t...
MDVA-2009:165 : cfengine
The 'recurse' keyword in any editfile action trigger the following warning, for each file found: cfengine:hostname: Unknown action in editing of file XYZ. This update fixes this issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a...
Gentoo Security Advisory GLSA 200408-08 (Cfengine)
The remote host is missing updates announced in advisory GLSA 200408-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...