Format string vulnerability in cfd daemon in GNU CFEngine prior to 1.6.0a11 allows malicious users to execute arbitrary commands via format characters in the CAUTH command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu cfengine 1.5 |
||
gnu cfengine 1.5.3-4 |
||
gnu cfengine 1.6 |