Vulnerability Development mailing list archives
Re: CFengine
From: Jeff Bachtel <sebastion () IRELANDMAIL COM>
Date: Wed, 9 Aug 2000 16:49:08 -0500
From the cfengine documentation, the 5308 port should only be used as
a semaphore to call pre-created scripts on client cfengine machines. I don't think anyone's audited the code, however, so it is still possible there might be buffer overflows useable to overwrite the stack/heap and execute arbitrary code. jeff On Tue, Aug 08, 2000 at 11:55:28AM -0400, Mike wrote:
Hey. I am thinking of implementing Cfengine for managing configuration files, packages, and patches for our differet servers and locations. Anyone heard of any security flaws with CFengine via its TCP port 5308? -M
Current thread:
- CFengine Mike (Aug 09)
- Re: CFengine Jeff Bachtel (Aug 10)
- Re: CFengine Nichole Koreen Boscia (Aug 10)