File Overwrite Vulnerability in CFEngine Products by CFEngine
CVE-2005-2960
Currently unrated
Summary
CFEngine versions 1.6.5 and 2.1.16 are susceptible to a file overwrite issue originating from the use of temporary files by the vicf.in component. This vulnerability allows local users to conduct a symlink attack, potentially overwriting arbitrary files on the system. This poses a significant risk to system integrity and underscores the necessity for users to apply appropriate security patches and updates to mitigate the threat.
References
Timeline
Vulnerability published
Vulnerability Reserved