VYPR

Cfengine

by Cfengine

CVEs (3)

  • CVE-2004-1701Aug 9, 2004
    risk 0.05cvss epss 0.20

    Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.

  • CVE-2005-2960Oct 5, 2005
    risk 0.00cvss epss 0.00

    cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.

  • CVE-2004-1702Aug 9, 2004
    risk 0.00cvss epss 0.02

    The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of…