CVE Vulnerabilities

CVE-2000-0947

Published: Dec 19, 2000 | Modified: Oct 10, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.

Affected Software

Name Vendor Start Version End Version
Cfengine Gnu 1.5 1.5
Cfengine Gnu 1.5.3-4 1.5.3-4
Cfengine Gnu 1.6 1.6

References