CVE-2003-0849

Sažetak

Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.

Reference

http://marc.info/?l=bugtraq&m=106451047819552&w=2
http://marc.info/?l=bugtraq&m=106485375218280&w=2
http://marc.info/?l=bugtraq&m=106546086216984&w=2

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

18-10-2016 - 02:38

Objavljeno

17-11-2003 - 05:00