File Overwrite Vulnerability in CFEngine Products by CFEngine
CVE-2005-2960

Currently unrated

Key Information:

Vendor

Gnu
Status
Cfengine
Vendor
CVE Published:
5 October 2005

What is CVE-2005-2960?

CFEngine versions 1.6.5 and 2.1.16 are susceptible to a file overwrite issue originating from the use of temporary files by the vicf.in component. This vulnerability allows local users to conduct a symlink attack, potentially overwriting arbitrary files on the system. This poses a significant risk to system integrity and underscores the necessity for users to apply appropriate security patches and updates to mitigate the threat.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bugs.gentoo.org/show_bug.cgi?id=107871
x_refsource_MISC
http://secunia.com/advisories/17040
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/22489
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.