Bugtraq mailing list archives

Re: Very probable remote root vulnerability in cfengine

From: Ben Collins <bcollins () DEBIAN ORG>
Date: Mon, 2 Oct 2000 17:14:40 -0400


1.5.x and 1.6.0a10 were tested on Red Hat Linux; however, this is not
part of Red Hat Linux or Powertools.  Debian, at least, includes cfengine
as a package.


FYI, cfd is not started by default on Debian installs, so unless the admin
enables the cfd daemon, there is no concern. However, I have compiled and
uploaded fixed packages (powerpc, sparc and i386 so far) to
porposed-updates and unstable. Expect an announcement from the security
team soon.

Ben

--
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins () debian org  --  bcollins () openldap org  --  bcollins () linux com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'

Current thread:

Very probable remote root vulnerability in cfengine Pekka Savola (Oct 02)
- Re: Very probable remote root vulnerability in cfengine Ben Collins (Oct 02)
- <Possible follow-ups>
- Re: Very probable remote root vulnerability in cfengine Shaun Clowes (Oct 02)
  - Re: Very probable remote root vulnerability in cfengine Sergey Kogan (Oct 03)
  - Re: Very probable remote root vulnerability in cfengine David LeBlanc (Oct 03)
  - Re: Very probable remote root vulnerability in cfengine Scott Gifford (Oct 03)