• info
• discussion
• exploit
• solution
• references

CFEngine CFServD Transaction Packet Buffer Overrun Vulnerability

Solution:
This issue has been addressed in cfengine versions 2.0.8/2.0.8p1. A patch has also been made available for version 2.0.7p3. Versions prior to 2.0.0 do not include the vulnerable code, but users are advised against downgrading to cfengine 1.x since these versions are no longer maintained.

Fixed versions will report exploitation attempts with the following log message:
"Bad transaction packet -- too long"

Gentoo has released an advisory (200310-02) and fixes for this issue. To obtain fixes, execute the folloiwng commands:

emerge sync
emerge -p cfengine
emerge cfengine
emerge clean


GNU Cfengine 2.0 .0

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.1

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.2

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.3

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.4

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.5

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.5 b1

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.5 pre2

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.5 pre

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.6

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.7

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.7 p1

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.7 p3

• GNU net.c.patch
  http://www.securityfocus.com/data/vulnerabilities/patches/net.c.patch


• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.0.7 p2

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.1 .0a8

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.1 .0a9

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz

GNU Cfengine 2.1 .0a6

• GNU cfengine-2.0.8p1.tar.gz
  ftp://ftp.iu.hio.no/pub/cfengine/cfengine-2.0.8p1.tar.gz