Cfengine AuthenticationDialogue Vulnerability Network Vulnerability

Summary

Cfengine is running on this remote host. cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue() function. The issue exists due to a lack of sufficient boundary checks performed on challenge data that is received from a client. In addition, cfengine cfservd is reported prone to a remote denial of service vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue() function which is responsible for processing SAUTH commands and also performing RSA based authentication. The vulnerability presents itself because return values for several statements within the AuthenticationDialogue() function are not checked.

Solution

Upgrade to 2.1.8 or newer.

Severity

Classification

CVE CVE-2004-1701, CVE-2004-1702

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
Google Chrome Multiple Denial of Service Vulnerabilities - February 11(Linux)
Google Chrome Multiple Denial of Service Vulnerabilities - March12 (Mac OS X)
ClamAV Denial of Service Vulnerability (Win)
Adobe Digital Edition Denial of Service Vulnerability (Windows)

cfengine AuthenticationDialogue vulnerability

Take action and discover your vulnerabilities