OpenCVE

Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gnu	Cfengine

Configuration 1 [-]

OR	cpe:2.3:a:gnu:cfengine:2.0.0:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.1:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.2:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.3:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.4:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.5:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.5:b1::::::
	cpe:2.3:a:gnu:cfengine:2.0.5:pre::::::
	cpe:2.3:a:gnu:cfengine:2.0.5:pre2::::::
	cpe:2.3:a:gnu:cfengine:2.0.6:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.7:::::::*
	cpe:2.3:a:gnu:cfengine:2.0.7:p1::::::
	cpe:2.3:a:gnu:cfengine:2.0.7:p2::::::
	cpe:2.3:a:gnu:cfengine:2.0.7:p3::::::
	cpe:2.3:a:gnu:cfengine:2.1.0:a6::::::
	cpe:2.3:a:gnu:cfengine:2.1.0:a8::::::
	cpe:2.3:a:gnu:cfengine:2.1.0:a9::::::

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=106451047819552&w=2
http://marc.info/?l=bugtraq&m=106485375218280&w=2
http://marc.info/?l=bugtraq&m=106546086216984&w=2

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2003-10-09T04:00:00

Updated: 2024-08-08T02:05:12.584Z

Reserved: 2003-10-08T00:00:00

Link: CVE-2003-0849

Vulnrichment

No data.

NVD

Status : Modified

Published: 2003-11-17T05:00:00.000

Modified: 2024-11-20T23:45:40.110

Link: CVE-2003-0849

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2003-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-17T13:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "20030925 Cfengine2 cfservd remote stack overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=106451047819552&w=2"}, {"name": "20030928 cfengine2-2.0.3 remote exploit for redhat", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=106485375218280&w=2"}, {"name": "20031005 GLSA: cfengine (200310-02)", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://marc.info/?l=bugtraq&m=106546086216984&w=2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2003-0849", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "20030925 Cfengine2 cfservd remote stack overflow", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=106451047819552&w=2"}, {"name": "20030928 cfengine2-2.0.3 remote exploit for redhat", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=106485375218280&w=2"}, {"name": "20031005 GLSA: cfengine (200310-02)", "refsource": "BUGTRAQ", "url": "http://marc.info/?l=bugtraq&m=106546086216984&w=2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-08T02:05:12.584Z"}, "title": "CVE Program Container", "references": [{"name": "20030925 Cfengine2 cfservd remote stack overflow", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=106451047819552&w=2"}, {"name": "20030928 cfengine2-2.0.3 remote exploit for redhat", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=106485375218280&w=2"}, {"name": "20031005 GLSA: cfengine (200310-02)", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=106546086216984&w=2"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2003-0849", "datePublished": "2003-10-09T04:00:00", "dateReserved": "2003-10-08T00:00:00", "dateUpdated": "2024-08-08T02:05:12.584Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:cfengine:2.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E712F24-407C-451F-9DB4-09579B50F85B", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B3AE934D-08E5-42C7-B4C1-C9B0C8881B3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "FD09E7B0-CA9F-49FC-BB8B-54CDB3230C98", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "CC2CD9C4-C206-4C43-B519-6E791187E2DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "D38FC40B-AC0A-4DD6-9964-3E8D57EC5F19", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "2B4445F7-307B-4653-A0E4-0AE513218980", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:b1:*:*:*:*:*:*", "matchCriteriaId": "B4EC7DFB-CBB8-457F-94A0-1DBB833F5F71", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:pre:*:*:*:*:*:*", "matchCriteriaId": "0B6729F6-B94B-4897-BEF5-C3A10A18D085", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.5:pre2:*:*:*:*:*:*", "matchCriteriaId": "8CF801CA-BED6-43CA-8EA1-522365F2AA57", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "455F26C8-CFDD-4C9C-8482-8D53614B1143", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "61A3C108-D79A-4465-8F4D-317AD84098AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:p1:*:*:*:*:*:*", "matchCriteriaId": "D21D57EA-DF58-429B-9FBE-F0080085B62E", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:p2:*:*:*:*:*:*", "matchCriteriaId": "5E622AEA-F5B4-4BA3-B9F0-2E7C4D121411", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.0.7:p3:*:*:*:*:*:*", "matchCriteriaId": "D23A118C-59A6-44AB-A772-ED0037C95B53", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.1.0:a6:*:*:*:*:*:*", "matchCriteriaId": "9CD529EF-93DF-441E-968B-32BAF48A9913", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.1.0:a8:*:*:*:*:*:*", "matchCriteriaId": "9BAB0408-08BD-4DCE-BA56-C60AD845E705", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:cfengine:2.1.0:a9:*:*:*:*:*:*", "matchCriteriaId": "F78851E3-1E2B-45DB-8B4A-F8E1BDE2E057", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function."}, {"lang": "es", "value": "Desbordamiento de b\u00fafer en net.c de cfengine 2.x a 2.0.8 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante ciertos paquetes con valores de longitud modificados, del cual se fia la funci\u00f3n ReceiveTransaction cuando usa un bufer provisto por la funci\u00f3n BusyWithConnection."}], "id": "CVE-2003-0849", "lastModified": "2024-11-20T23:45:40.110", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2003-11-17T05:00:00.000", "references": [{"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=106451047819552&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=106485375218280&w=2"}, {"source": "cve@mitre.org", "url": "http://marc.info/?l=bugtraq&m=106546086216984&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=106451047819552&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=106485375218280&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=106546086216984&w=2"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}