Vulnerabilities > GNU > Cfengine > 1.6

DATE CVE VULNERABILITY TITLE RISK
2005-10-05 CVE-2005-2960 cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
local
low complexity
gnu debian
2.1
2.1
2000-12-19 CVE-2000-0947 Unspecified vulnerability in GNU Cfengine 1.5/1.5.34/1.6
Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execute arbitrary commands via format characters in the CAUTH command.
network
low complexity
gnu
critical
 10.0
10