Описание
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gnu:cfengine:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:b1:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:pre:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:pre2:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:p1:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:p2:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:p3:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.1.0:a6:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.1.0:a8:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.1.0:a9:*:*:*:*:*:*
EPSS
Процентиль: 92%
0.07684
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
около 22 лет назад
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote a ...
github
почти 4 года назад
Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
EPSS
Процентиль: 92%
0.07684
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other