Heap-based Buffer Overflow in Cfengine by Cfengine Corp
CVE-2004-1701
Currently unrated
Summary
A heap-based buffer overflow vulnerability exists in the AuthenticationDialogue function of cfservd in Cfengine versions 2.0.0 to 2.1.7p1. This flaw permits remote attackers to potentially execute arbitrary code through a specially crafted long SAUTH command during the RSA authentication process, thereby compromising the security of affected systems. Immediate remediation is recommended for systems utilizing these versions of Cfengine.
References
EPSS Score
56% chance of being exploited in the next 30 days.
Timeline
Vulnerability Reserved
Vulnerability published