Cfengine RSA Remote Overflow

Network Security News – Tuesday, April 05, 2005 Events

Cfengine RSA Remote Overflow

A remote overflow exists in Cfengine. The 'AuthenticationDialogue()' function fails to perform proper bounds checking resulting in a buffer overflow. With an overly long 'SAUTH' command during RSA authentication, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/14664