This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.
The remote host is affected by a denial of service vulnerability.
Cfengine is running on this remote host.
Cfengine cfservd is reported prone to a remote heap-based buffer
The vulnerability presents itself in the cfengine cfservd
AuthenticationDialogue() function. The issue exists due to a lack of
sufficient boundary checks performed on challenge data that is
received from a client.
In addition, cfengine cfservd is reported prone to a remote denial of
service vulnerability. The vulnerability presents itself in the
cfengine cfservd AuthenticationDialogue() function which is
responsible for processing SAUTH commands and also performing RSA
based authentication. The vulnerability presents itself because
return values for several statements within the
AuthenticationDialogue() function are not checked.
See also :
Upgrade to 2.1.8 or newer.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.1
Public Exploit Available : true