VULHUB ™

NetBSD Security Advisory 2000-013 - The cfd daemon in GNU CFEngine port contains several format string vulnerabilities in syslog() calls. This could permit remote hosts to inject the network daemon with a message causing a segmentation fault. As cfd is almost always run as root due to its nature (centralized configuration management), this could lead to a root compromise.

NetBSD Security Advisory 2000-013 - The cfd daemon in GNU CFEngine port contains several format string vulnerabilities in syslog() calls. This could permit remote hosts to inject the network daemon with a message causing a segmentation fault. As cfd is almost always run as root due to its nature (centralized configuration management), this could lead to a root compromise.