ID de Prueba:	1.3.6.1.4.1.25623.1.0.14317
Categoría:	Gain a shell remotely
Título:	cfengine CFServD transaction packet buffer overrun vulnerability
Resumen:	Cfengine is running on this remote host.;; This version is prone to a stack-based buffer overrun vulnerability.; An attacker, exploiting this flaw, would need network access to the; server as well as the ability to send a crafted transaction packet; to the cfservd process. A successful exploitation of this flaw; would lead to arbitrary code being executed on the remote machine; or a loss of service (DoS).
Descripción:	Summary: Cfengine is running on this remote host. This version is prone to a stack-based buffer overrun vulnerability. An attacker, exploiting this flaw, would need network access to the server as well as the ability to send a crafted transaction packet to the cfservd process. A successful exploitation of this flaw would lead to arbitrary code being executed on the remote machine or a loss of service (DoS). Solution: Upgrade to at least 1.5.3-4, 2.0.8 or most recent 2.1 version. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2003-0849 Bugtraq: 20030925 Cfengine2 cfservd remote stack overflow (Google Search) http://marc.info/?l=bugtraq&m=106451047819552&w=2 Bugtraq: 20030928 cfengine2-2.0.3 remote exploit for redhat (Google Search) http://marc.info/?l=bugtraq&m=106485375218280&w=2 Bugtraq: 20031005 GLSA: cfengine (200310-02) (Google Search) http://marc.info/?l=bugtraq&m=106546086216984&w=2
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.