Buffer Overflow Vulnerability in cfengine 2.x by Cfengine
CVE-2003-0849

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
17 November 2003

Summary

A buffer overflow exists in the cfengine remote agent due to improper handling of packet length values in net.c. This vulnerability could be exploited by remote attackers to send specially crafted packets that overflow the buffer, potentially allowing them to execute arbitrary code on the target system. The flaw is present in cfengine versions prior to 2.0.8, making systems running these versions particularly vulnerable when the ReceiveTransaction function processes the malicious input.

References

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.