CVE-2000-0947

Currently unrated

Key Information:

Vendor
Gnu
Status
Cfengine
Vendor
CVE Published:
19 December 2000

Summary

Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.

References

http://archives.neohapsis.com/archives/bugtraq/2000-10/00...
mailing-listx_refsource_BUGTRAQ
http://www.linux-mandrake.com/en/security/MDKSA-2000-061....
vendor-advisoryx_refsource_MANDRAKE
ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/...
vendor-advisoryx_refsource_NETBSD

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.