[SECURITY] New versions of cfengine fixes symlink attack

The maintainer of Debian GNU/Linux cfengine package found a error in the way cfengine handles temporary files when it runs the tidy action on homedirectories, which makes it suspectible to a symlink attack. The author has been notified of the problem but has not released a fix yet. We recommend y...

[SECURITY] New versions of cfengine fixes symlink attack

The maintainer of Debian GNU/Linux cfengine package found a error in the way cfengine handles temporary files when it runs the tidy action on homedirectories, which makes it suspectible to a symlink attack. The author has been notified of the problem but has not released a fix yet. We recommend y...

PT-1999-1061 · Debian · Cfengine

Name of the Vulnerable Software and Affected Versions: Debian GNU/Linux affected versions not specified Description: The issue affects the cfengine package in Debian GNU/Linux, making it susceptible to a symlink attack. Recommendations: At the moment, there is no information about a newer version...

Cfengine RSA Authentication Heap Corruption

Advisory ID Internal CORE-2004-0714 Advisory ID: CORE-2004-0714 Bugtraq ID: 10899, 10900 CVE Name: None currently assigned. Title: Cfengine RSA Authentication Heap Corruption Class: Input validation error Boundary error condition Buffer Overflow Remotely Exploitable: Yes Locally Exploitable: Yes...