CVE-2004-1701

Name of the Vulnerable Software and Affected Versions Cfengine versions 2.0.0 through 2.1.7p1 Cfengine version 2.1.7 and earlier

Description The issue is related to a heap-based buffer overflow in the AuthenticationDialogue function in cfservd, which can be exploited by remote attackers to execute arbitrary code via a long SAUTH command during RSA authentication. Multiple vulnerabilities in the cfengine package can lead to breaches of confidentiality, integrity, and availability of protected information, and these vulnerabilities can be exploited remotely.

Recommendations For Cfengine versions 2.0.0 through 2.1.7p1, consider disabling the AuthenticationDialogue function until a patch is available. For Cfengine version 2.1.7 and earlier, restrict access to the cfservd service to minimize the risk of exploitation. As a temporary workaround, avoid using long SAUTH commands during RSA authentication until the issue is resolved.