Heap-based Buffer Overflow in Cfengine by Cfengine Corp
CVE-2004-1701

Currently unrated

Key Information:

Vendor
Gnu
Status
Vendor
CVE Published:
9 August 2004

Summary

A heap-based buffer overflow vulnerability exists in the AuthenticationDialogue function of cfservd in Cfengine versions 2.0.0 to 2.1.7p1. This flaw permits remote attackers to potentially execute arbitrary code through a specially crafted long SAUTH command during the RSA authentication process, thereby compromising the security of affected systems. Immediate remediation is recommended for systems utilizing these versions of Cfengine.

References

EPSS Score

56% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

.