CVE-2003-0849

Currently unrated

Key Information:

Vendor: Gnu
Status: Cfengine
Vendor: CVE Published:; 17 November 2003

Summary

Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.

References

http://marc.info/?l=bugtraq&m=106451047819552&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=106485375218280&w=2

mailing-listx_refsource_BUGTRAQ

http://marc.info/?l=bugtraq&m=106546086216984&w=2

mailing-listx_refsource_BUGTRAQ

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Nov 17, 2003
Vulnerability Reserved
Oct 8, 2003