CVE-2004-1701

Published Aug 9, 2004

Last updated 7 years ago

CVSS info 10.0

Overview

Description: Heap-based buffer overflow in the AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 allows remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E712F24-407C-451F-9DB4-09579B50F85B"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B3AE934D-08E5-42C7-B4C1-C9B0C8881B3E"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FD09E7B0-CA9F-49FC-BB8B-54CDB3230C98"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CC2CD9C4-C206-4C43-B519-6E791187E2DE"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D38FC40B-AC0A-4DD6-9964-3E8D57EC5F19"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2B4445F7-307B-4653-A0E4-0AE513218980"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:b1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B4EC7DFB-CBB8-457F-94A0-1DBB833F5F71"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:pre:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0B6729F6-B94B-4897-BEF5-C3A10A18D085"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:pre2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8CF801CA-BED6-43CA-8EA1-522365F2AA57"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "455F26C8-CFDD-4C9C-8482-8D53614B1143"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61A3C108-D79A-4465-8F4D-317AD84098AA"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D21D57EA-DF58-429B-9FBE-F0080085B62E"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:p2:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5E622AEA-F5B4-4BA3-B9F0-2E7C4D121411"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:p3:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D23A118C-59A6-44AB-A772-ED0037C95B53"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4EC61324-5640-48E4-B3E3-0006FC90770E"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.0.8:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BFC8CA7A-AB4C-4A04-B290-43A5E2B7B9E4"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.1.0:a6:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9CD529EF-93DF-441E-968B-32BAF48A9913"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.1.0:a8:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9BAB0408-08BD-4DCE-BA56-C60AD845E705"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.1.0:a9:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F78851E3-1E2B-45DB-8B4A-F8E1BDE2E057"
          },
          {
            "criteria": "cpe:2.3:a:gnu:cfengine:2.1.7:p1:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "546496E5-38B1-4E01-A8AB-C32DD7FDC59E"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References