• info
• discussion
• exploit
• solution
• references

Debian Linux cfengine Symlink Vulnerability

Solution:
It is recommended that cfengine be upgraded immediately.

Source archives:

ftp://ftp.debian.org/debian/dists/stable/main/source/admin/cfengine_1.4.9.orig.tar.gz

MD5 checksum: 9c952524f2ce0a3dae6728f63d28a3ce

ftp://ftp.debian.org/debian/dists/stable/main/source/admin/cfengine_1.4.9-3.diff.gz

MD5 checksum: 9de13ab36791319a846f5d50248b8ed5

ftp://ftp.debian.org/debian/dists/stable/main/source/admin/cfengine_1.4.9-3.dsc

MD5 checksum: 6d5f1d2c10ec0a0eeef07dd73244bb44

---

Binary Packages:

Intel architecture:

ftp://ftp.debian.org/debian/dists/stable/main/binary-i386/admin/cfengine_1.4.9-3_i386.deb

MD5 checksum: c935781e39141fdcc5b3e3e7a1b5ac7b

Motorola 680x0 architecture:

ftp://ftp.debian.org/debian/dists/stable/main/binary-i386/admin/cfengine_1.4.9-3_m68k.deb

MD5 checksum: 8628802255c66796f8acd3fe1844bb0b