Bugtraq: Re: Very probable remote root vulnerability in cfengine

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Very probable remote root vulnerability in cfengine

From: Ben Collins <bcollins () DEBIAN ORG>
Date: Mon, 2 Oct 2000 17:14:40 -0400


1.5.x and 1.6.0a10 were tested on Red Hat Linux; however, this is not
part of Red Hat Linux or Powertools.  Debian, at least, includes cfengine
as a package.


FYI, cfd is not started by default on Debian installs, so unless the admin
enables the cfd daemon, there is no concern. However, I have compiled and
uploaded fixed packages (powerpc, sparc and i386 so far) to
porposed-updates and unstable. Expect an announcement from the security
team soon.

Ben

--
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins () debian org  --  bcollins () openldap org  --  bcollins () linux com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'

By Date By Thread

Current thread:

Very probable remote root vulnerability in cfengine Pekka Savola (Oct 02)
- Re: Very probable remote root vulnerability in cfengine Ben Collins (Oct 02)
- <Possible follow-ups>
- Re: Very probable remote root vulnerability in cfengine Shaun Clowes (Oct 02)
  - Re: Very probable remote root vulnerability in cfengine Sergey Kogan (Oct 03)
  - Re: Very probable remote root vulnerability in cfengine David LeBlanc (Oct 03)
  - Re: Very probable remote root vulnerability in cfengine Scott Gifford (Oct 03)