VULHUB ™

GNU cfengine cfservd is reported prone to a remote denial of service vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue() function that is responsible for processing SAUTH commands and also performing RSA based authentication. The vulnerability presents itself because return values for several statements within the AuthenticationDialogue() function are not checked. This memcpy() operation based on the return values will fail resulting in a daemon crash. A remote attacker may exploit this vulnerability to crash the affected daemon effectively denying service to legitimate users. cfservd employs an IP based access control method (AllowConnectionsFrom). This access control must be bypassed prior to exploitation. This may hinder exploitation attempts. This vulnerability is reported to affect versions 2.0.0 to 2.1.7p1 of cfengine cfservd.

GNU cfengine cfservd is reported prone to a remote denial of service vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue() function that is responsible for processing SAUTH commands and also performing RSA based authentication. The vulnerability presents itself because return values for several statements within the AuthenticationDialogue() function are not checked. This memcpy() operation based on the return values will fail resulting in a daemon crash. A remote attacker may exploit this vulnerability to crash the affected daemon effectively denying service to legitimate users. cfservd employs an IP based access control method (AllowConnectionsFrom). This access control must be bypassed prior to exploitation. This may hinder exploitation attempts. This vulnerability is reported to affect versions 2.0.0 to 2.1.7p1 of cfengine cfservd.