Family: Gain a shell remotely --> Category: infos
cfengine CFServD transaction packet buffer overrun vulnerability Vulnerability Scan
Vulnerability Scan Summary
check for cfengine flaw based on its version
Detailed Explanation for this Vulnerability Test
Cfengine is running on this remote host.
This version is prone to a stack-based buffer overrun vulnerability.
A possible hacker, exploiting this flaw, would need network access to the
server as well as the ability to send a crafted transaction packet
to the cfservd process. A successful exploitation of this flaw
would lead to arbitrary code being executed on the remote machine
or a loss of service (DoS).
Solution: Upgrade to at least 1.5.3-4, 2.0.8 or most recent 2.1 version.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.