Vulnerability Details CVE-2000-0947
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.009
EPSS Ranking 74.8%
CVSS Severity
CVSS v2 Score 10.0
References
- ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-013.txt.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0004.html
- http://www.linux-mandrake.com/en/security/MDKSA-2000-061.php3?dis=7.1
- http://www.securityfocus.com/bid/1757
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5630
- ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-013.txt.asc
- http://archives.neohapsis.com/archives/bugtraq/2000-10/0004.html
- http://www.linux-mandrake.com/en/security/MDKSA-2000-061.php3?dis=7.1
- http://www.securityfocus.com/bid/1757
- https://exchange.xforce.ibmcloud.com/vulnerabilities/5630