Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: CFengine
From: Jeff Bachtel <sebastion () IRELANDMAIL COM>
Date: Wed, 9 Aug 2000 16:49:08 -0500
From the cfengine documentation, the 5308 port should only be used as

a semaphore to call pre-created scripts on client cfengine machines.

I don't think anyone's audited the code, however, so it is still
possible there might be buffer overflows useable to overwrite the
stack/heap and execute arbitrary code.

jeff

On Tue, Aug 08, 2000 at 11:55:28AM -0400, Mike wrote:

Hey.

I am thinking of implementing Cfengine for managing configuration files,
packages, and patches for our differet servers and locations.

Anyone heard of any security flaws with CFengine via its TCP port 5308?

-M

  By Date           By Thread  

Current thread:
  • CFengine Mike (Aug 09)
    • Re: CFengine Jeff Bachtel (Aug 10)
    • Re: CFengine Nichole Koreen Boscia (Aug 10)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]