Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.Install Now
Available for macOS, Windows, and Linux
cfengine CFServD transaction packet buffer overrun vulnerability
Gain a shell remotely
17 years ago
4 years ago
Cfengine is running on this remote host. This version is prone to a stack-based buffer overrun vulnerability. An attacker, exploiting this flaw, would need network access to the server as well as the ability to send a crafted transaction packet to the cfservd process. A successful exploitation of this flaw would lead to arbitrary code being executed on the remote machine or a loss of service (DoS).
Upgrade to at least 1.5.3-4, 2.0.8 or most recent 2.1 version.