Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2004-1702

EPSS 1.75% · P83
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2004-1702

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The AuthenticationDialogue function in cfservd for Cfengine 2.0.0 to 2.1.7p1 does not properly check the return value of the ReceiveTransaction function, which leads to a failed malloc call and triggers to a null dereference, which allows remote attackers to cause a denial of service (crash).
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cfengine远程拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
cfengine(配置引擎)是一款UNIX 管理工具,是管理任务自动化。 cfengine AuthenticationDialogue()函数对返回值检查不充分,远程攻击者可以利用这个漏洞对服务进行拒绝服务攻击。 问题存在于AuthenticationDialogue()函数中,由于对ReceiveTransaction()返回值没有检查,然后此值用于调用malloc(),而且对返回值还是没有检查,最后返回的指针用于memcpy的目表参数。通常ReceiveTransaction()返回的值是整数,但是
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2004-1702

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2004-1702

登录查看更多情报信息。

Same Patch Batch · n/a · 2005-02-21 · 22 CVEs total

CVE-2005-0493bizmail.cgi CRLF注入漏洞
CVE-2005-0503UIM LibUIM 环境变量特权升级漏洞
CVE-2005-0502Xinkaa WEB网站目录遍历漏洞
CVE-2005-0501Bontago 游戏服务器远程别名缓冲区溢出漏洞
CVE-2005-0500Microsoft Internet Explorer弹出窗口标题栏欺骗漏洞
CVE-2005-0499Gigafast路由器 异常DNS查询拒绝服务漏洞
CVE-2005-0498Gigafast router 信息泄露漏洞
CVE-2005-0497ADP Elite System Max 9000 权限管理和访问控制漏洞
CVE-2005-0496Arkeia Client默认root用户口令漏洞
CVE-2005-0495ZeroBoard 多参数跨站攻击漏洞
CVE-2005-0494Thomason cable modem RgSecurity表单验证远程攻击漏洞
CVE-2003-1085Thomson Cable Modem远程拒绝服务攻击漏洞
CVE-2005-0492Adobe Acrobat Reader漏洞
CVE-2005-0491Arkeia Server Backup远程缓冲区溢出漏洞
CVE-2005-0490多个UNIX/LINUX厂商cURL/libcURL Kerberos验证缓冲区溢出漏洞
CVE-2005-0467PuTTY SFTP客户端包解析整数溢出漏洞
CVE-2005-0204Linux Kernel 权限管理和访问控制漏洞
CVE-2005-0092Red Hat Enterprise Linux 本地拒绝服务漏洞
CVE-2005-0091Red Hat Enterprise Linux Kernel 未明漏洞
CVE-2005-0090Red Hat Enterprise Linux Kernel多个漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2004-1702

No comments yet

Leave a comment