CVE-2003-0849

Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:gnu:cfengine:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.2:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.3:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:b1:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:pre:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.5:pre2:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.6:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:*:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:p1:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:p2:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.0.7:p3:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.1.0:a6:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.1.0:a8:*:*:*:*:*:*
cpe:2.3:a:gnu:cfengine:2.1.0:a9:*:*:*:*:*:*

History

20 Nov 2024, 23:45

Type Values Removed Values Added
References () http://marc.info/?l=bugtraq&m=106451047819552&w=2 - () http://marc.info/?l=bugtraq&m=106451047819552&w=2 -
References () http://marc.info/?l=bugtraq&m=106485375218280&w=2 - () http://marc.info/?l=bugtraq&m=106485375218280&w=2 -
References () http://marc.info/?l=bugtraq&m=106546086216984&w=2 - () http://marc.info/?l=bugtraq&m=106546086216984&w=2 -

Information

Published : 2003-11-17 05:00

Updated : 2024-11-20 23:45


NVD link : CVE-2003-0849

Mitre link : CVE-2003-0849

CVE.ORG link : CVE-2003-0849


JSON object : View

Products Affected

gnu

  • cfengine