CVE-2003-0849

Cfengine CFServD ReceiveTransaction Function Remote Overflow (CVE-2003-0849): A stack-based buffer overrun in cfservd’s ReceiveTransaction, triggered by crafted transactions, affects cfengine 2.x before 2.0.8. An attacker with network access can send a manipulated packet to cfservd, potentially a...

CVE-2005-2960

CVE-2005-2960 affects cfengine versions 1.6.5 and 2.1.16. The issue arises from insecure temporary file handling, allowing a local user to perform a symlink attack and overwrite arbitrary files owned by the user executing cfengine (likely root). The problem is tied to the vicf.in temporary files ...

CVE-2005-3137

CVE-2005-3137 affects cfengine 1.6.5 via insecure temporary file handling in cfmailfilter and cfcron.in, enabling a local user to exploit a symlink to overwrite arbitrary files owned by the executing user (likely root). Connected advisories (Debian DSA-835-1, DSA-836-1) document insecure temporar...

CVE-2000-0947

The CVE-2000-0947 issue is a format-string vulnerability in CFEngine’s cfd (CFEngine daemon) that can be triggered via the CAUTH command, allowing an attacker to cause the vulnerable host to run arbitrary commands. OpenVAS/Nessus entries describe that the flaw arises in cfd’s syslog handling and ...

CVE-2004-1702

CVE-2004-1702 affects Cfengine cfservd (versions 2.0.0–2.1.7p1). The vulnerability is in cfservd’s AuthenticationDialogue() where the return value of ReceiveTransaction is not properly handled, causing a failed malloc and a null dereference that can crash the process. OpenVAS and Gentoo GLSA desc...

CVE-2004-1701

CVE-2004-1701 describes a remote vulnerability in Cfengine’s cfservd: a heap-based buffer overflow in the AuthenticationDialogue() function allows an attacker to execute arbitrary code via a long SAUTH command during RSA authentication, affecting Cfengine 2.0.0 through 2.1.7p1. Public records als...