CVE-2003-0849

Cfengine CFServD ReceiveTransaction Function Remote Overflow (CVE-2003-0849): A stack-based buffer overrun in cfservd’s ReceiveTransaction, triggered by crafted transactions, affects cfengine 2.x before 2.0.8. An attacker with network access can send a manipulated packet to cfservd, potentially a...

CVE-2003-0849

Removed by vendor...

Buffer overflow in cfengine

Stack overflow on ACL check...

Cfengine2 cfservd remote stack overflow

============================================================================== Background ========== Cfengine www.cfengine.org automates the configuration and maintenance of large computer networks. A common setup involves running the cfservd daemon on TCP port 5308 on a central master server, wi...

GNU Cfengine 2.-2.0.3 Remote Stack Overflow Exploit

No description provided by source. !/usr/bin/perl -s kokaninATdtors.net / cfengine2-2.0.3 from freebsd ports 26/sep/2003. forking portbind shellcode port=0xb0ef45295 by eSDee bug discovered by nick cleaton, tested on FreeBSD 4.8-RELEASE use IO::Socket; if!$ARGV1 print "usage: ./DSR-cfengine.pl ho...

GNU CFEngine 2.-2.0.3 - Remote Stack Overflow

GNU CFEngine 2.-2.0.3 - Remote Stack Overflow !/usr/bin/perl -s kokaninATdtors.net / cfengine2-2.0.3 from freebsd ports 26/sep/2003. forking portbind shellcode port=0xb0ef45295 by eSDee bug discovered by nick cleaton, tested on FreeBSD 4.8-RELEASE use IO::Socket; if!$ARGV1 print "usage:...

GNU Cfengine 2.-2.0.3 Remote Stack Overflow Exploit

Exploit for bsd platform in category remote exploits =================================================== GNU Cfengine 2.-2.0.3 Remote Stack Overflow Exploit =================================================== !/usr/bin/perl -s kokaninATdtors.net / cfengine2-2.0.3 from freebsd ports 26/sep/2003...

GNU CFEngine 2.-2.0.3 - Remote Stack Overflow

!/usr/bin/perl -s kokaninATdtors.net / cfengine2-2.0.3 from freebsd ports 26/sep/2003. forking portbind shellcode port=0xb0ef45295 by eSDee bug discovered by nick cleaton, tested on FreeBSD 4.8-RELEASE use IO::Socket; if!$ARGV1 print "usage: ./DSR-cfengine.pl default cfengine is 5308\n"; exit-1;...

GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun (1)

GNU CFEngine 2.0.x - CFServD Transaction Packet Buffer Overrun 1 // source: https://www.securityfocus.com/bid/8699/info cfengine is prone to a stack-based buffer overrun vulnerability. This issue may be exploited by remote attackers who can send malicious transaction packets to cfservd. This issu...

Серьезные дырки в cfengine

Многочисленные ошибки форматной строки позволяют получить root удаленно...

FreeBSD Ports Security Advisory FreeBSD-SA-01:27.cfengine

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:27 Security Advisory FreeBSD, Inc. Topic: cfengine port contains remote root vulnerability Category: ports Module: cfengine Announced: 2001-03-12 Credits: Pekka Savola...

FreeBSD-SA-01:27.cfengine

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:27 Security Advisory FreeBSD, Inc. Topic: cfengine port contains remote root vulnerability Category: ports Module: cfengine Announced: 2001-03-12 Credits: Pekka Savola...

CVE-2000-0947

Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command...

CVE-2000-0947

The CVE-2000-0947 issue is a format-string vulnerability in CFEngine’s cfd (CFEngine daemon) that can be triggered via the CAUTH command, allowing an attacker to cause the vulnerable host to run arbitrary commands. OpenVAS/Nessus entries describe that the flaw arises in cfd’s syslog handling and ...

CVE-2000-0947

Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command...

SuSE Security Announcement: cfengine

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: cfengine Date: Wednesday, October 11th, 2000 19:15 MEST Affected SuSE versions: 5.3, 6.0, 6.1, 6.3, 6.4, 7.0 Vulnerability Type: remote root compromise Severity 1-10: 5 SuSE default package: no Other affected systems: Linux...

CVE-1999-0374

CVE-1999-0374 : Debian GNU/Linux cfengine is vulnerable to a symlink attack. Connected documents confirm the issue but do not specify affected versions or a fixed release. PT-1999-1061 notes no information about a newer version containing a fix; monitoring for updates is advised. No exploit detai...

CVE-1999-0374

Debian GNU/Linux cfengine package is susceptible to a symlink attack...

cfengine.symlink.txt

Date: Tue, 16 Feb 1999 01:12:20 +0100 From: Wichert Akkerman To: [email protected] Subject: SECURITY New versions of cfengine fixes symlink attack -----BEGIN PGP SIGNED MESSAGE----- The maintainer of Debian GNU/Linux cfengine package found a error in the way cfengine handles temporary files wh...

CVE-1999-0374

Debian GNU/Linux cfengine package is susceptible to a symlink attack...