Buffer overflow in net.c for cfengine 2.x prior to 2.0.8 allows remote malicious users to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gnu cfengine 2.0.0 |
||
gnu cfengine 2.0.5 |
||
gnu cfengine 2.1.0 |
||
gnu cfengine 2.0.1 |
||
gnu cfengine 2.0.2 |
||
gnu cfengine 2.0.6 |
||
gnu cfengine 2.0.7 |
||
gnu cfengine 2.0.3 |
||
gnu cfengine 2.0.4 |