CVE Vulnerabilities

CVE-2004-1701

Published: Aug 09, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.

Affected Software

Name Vendor Start Version End Version
Cfengine Gnu 2.0.0 (including) 2.0.0 (including)
Cfengine Gnu 2.0.1 (including) 2.0.1 (including)
Cfengine Gnu 2.0.2 (including) 2.0.2 (including)
Cfengine Gnu 2.0.3 (including) 2.0.3 (including)
Cfengine Gnu 2.0.4 (including) 2.0.4 (including)
Cfengine Gnu 2.0.5 (including) 2.0.5 (including)
Cfengine Gnu 2.0.5-b1 (including) 2.0.5-b1 (including)
Cfengine Gnu 2.0.5-pre (including) 2.0.5-pre (including)
Cfengine Gnu 2.0.5-pre2 (including) 2.0.5-pre2 (including)
Cfengine Gnu 2.0.6 (including) 2.0.6 (including)
Cfengine Gnu 2.0.7 (including) 2.0.7 (including)
Cfengine Gnu 2.0.7-p1 (including) 2.0.7-p1 (including)
Cfengine Gnu 2.0.7-p2 (including) 2.0.7-p2 (including)
Cfengine Gnu 2.0.7-p3 (including) 2.0.7-p3 (including)
Cfengine Gnu 2.0.8 (including) 2.0.8 (including)
Cfengine Gnu 2.0.8-p1 (including) 2.0.8-p1 (including)
Cfengine Gnu 2.1.0-a6 (including) 2.1.0-a6 (including)
Cfengine Gnu 2.1.0-a8 (including) 2.1.0-a8 (including)
Cfengine Gnu 2.1.0-a9 (including) 2.1.0-a9 (including)
Cfengine Gnu 2.1.7-p1 (including) 2.1.7-p1 (including)

References