Vulnerability in N/a
CVE-2004-1701
Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
EPSS: 0.568 (98.2th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- www.coresecurity.com/common/showdoc.php (x_refsource_MISC)
- 20040809 CORE-2004-0714: Cfengine RSA Authentication Heap Corruption (mailing-list, x_refsource_BUGTRAQ)
- cfengine-cfservd-command-execution(16935) (vdb-entry, x_refsource_XF)
- 10899 (vdb-entry, x_refsource_BID)
- 12251 (x_refsource_SECUNIA, third-party-advisory)
- 20050219 cfengine rsa heap remote exploit: part of PTjob project (mailing-list, x_refsource_BUGTRAQ)
- GLSA-200408-08 (vendor-advisory, x_refsource_GENTOO)