Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.14317 |
Kategorie: | Gain a shell remotely |
Titel: | cfengine CFServD transaction packet buffer overrun vulnerability |
Zusammenfassung: | Cfengine is running on this remote host.;; This version is prone to a stack-based buffer overrun vulnerability.; An attacker, exploiting this flaw, would need network access to the; server as well as the ability to send a crafted transaction packet; to the cfservd process. A successful exploitation of this flaw; would lead to arbitrary code being executed on the remote machine; or a loss of service (DoS). |
Beschreibung: | Summary: Cfengine is running on this remote host. This version is prone to a stack-based buffer overrun vulnerability. An attacker, exploiting this flaw, would need network access to the server as well as the ability to send a crafted transaction packet to the cfservd process. A successful exploitation of this flaw would lead to arbitrary code being executed on the remote machine or a loss of service (DoS). Solution: Upgrade to at least 1.5.3-4, 2.0.8 or most recent 2.1 version. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
Querverweis: |
BugTraq ID: 8699 Common Vulnerability Exposure (CVE) ID: CVE-2003-0849 Bugtraq: 20030925 Cfengine2 cfservd remote stack overflow (Google Search) http://marc.info/?l=bugtraq&m=106451047819552&w=2 Bugtraq: 20030928 cfengine2-2.0.3 remote exploit for redhat (Google Search) http://marc.info/?l=bugtraq&m=106485375218280&w=2 Bugtraq: 20031005 GLSA: cfengine (200310-02) (Google Search) http://marc.info/?l=bugtraq&m=106546086216984&w=2 |
Copyright | This script is Copyright (C) 2004 David Maciejak |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |