Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0947

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0947
Last Modified 05 Sep 2008 04:22:15
Published 19 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0947

Summary

Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.

Vulnerable Systems

Application

  • Gnu Cfengine 1.5

  • Gnu Cfengine 1.5.3-4

  • Gnu Cfengine 1.6


References

BID - 1757

MANDRAKE - MDKSA-2000:061

XF - cfengine-cfd-format-string

BUGTRAQ - 20001002 Very probable remote root vulnerability in cfengine

NETBSD - NetBSD-SA2000-013


Last Updated: 27 May 2016 10:35:56