Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2004-1701

Published: 09/08/2004 Updated: 11/07/2017
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Cfengine

Vulnerability Summary

Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote malicious users to execute arbitrary code via a long SAUTH command during RSA authentication.

Vulnerable Product Search on Vulmon Subscribe to Product

gnu cfengine 2.0.0

gnu cfengine 2.0.5

gnu cfengine 2.1.0

gnu cfengine 2.0.3

gnu cfengine 2.0.4

gnu cfengine 2.0.7

gnu cfengine 2.0.8

gnu cfengine 2.0.1

gnu cfengine 2.0.2

gnu cfengine 2.0.6

gnu cfengine 2.1.7

Exploits

Exploit DB: GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Buffer Overrun (1)
source: wwwsecurityfocuscom/bid/10899/info GNU cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue() function The issue exists due to a lack of sufficient boundary checks performed on challenge data that is received from ...
Exploit DB: GNU CFEngine 2.0.x/2.1 - AuthenticationDialogue Remote Heap Buffer Overrun (2)
source: wwwsecurityfocuscom/bid/10899/info GNU cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue() function The issue exists due to a lack of sufficient boundary checks performed on challenge data that is received fro ...

References

NVD-CWE-Otherhttp://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10http://security.gentoo.org/glsa/glsa-200408-08.xmlhttp://www.securityfocus.com/bid/10899http://secunia.com/advisories/12251http://marc.info/?l=bugtraq&m=109208394910086&w=2http://marc.info/?l=bugtraq&m=110886670528775&w=2https://exchange.xforce.ibmcloud.com/vulnerabilities/16935https://nvd.nist.govhttps://www.exploit-db.com/exploits/24360/
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2024-34413CVE-2024-34089CVE-2024-33408localSQLCVE-2024-0402CVE-2024-33910CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook