Symlink Attack Vulnerability in Cfengine by Cfengine
CVE-2005-3137

Currently unrated

Key Information:

Vendor

Gnu
Status
Cfengine
Vendor
CVE Published:
5 October 2005

What is CVE-2005-3137?

The cfmailfilter and cfcron.in files in Cfengine 1.6.5 are susceptible to a symlink attack, allowing local users to overwrite arbitrary files by exploiting temporary files. This raises significant security concerns as attackers can manipulate file system permissions and compromise system integrity. Prompt patching and proper permission management are essential to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://bugs.gentoo.org/show_bug.cgi?id=107871
x_refsource_MISC
http://secunia.com/advisories/17040
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/22489
vdb-entryx_refsource_XF

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.