Vulnerability Name:

CVE-2005-2960 (CCN-22489)

Assigned:2005-10-03
Published:2005-10-03
Updated:2017-07-11
Summary:cfengine 1.6.5 and 2.1.16 allows local users to overwrite arbitrary files via a symlink attack on temporary files used by vicf.in, a different vulnerability than CVE-2005-3137.
CVSS v3 Severity:4.0 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:2.1 Low (CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
2.6 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:N/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-Other
Vulnerability Consequences:File Manipulation
References:Source: MISC
Type: Vendor Advisory
http://bugs.gentoo.org/show_bug.cgi?id=107871

Source: MITRE
Type: CNA
CVE-2005-2960

Source: MITRE
Type: CNA
CVE-2005-3137

Source: MISC
Type: Patch, Vendor Advisory
http://groups.google.com/group/gnu.cfengine.help/browse_thread/thread/fc25e7d98f8ba401/38151ed821803be0#38151ed821803be0

Source: CCN
Type: SA17037
Cfengine Insecure Temporary File Creation Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
17037

Source: SECUNIA
Type: UNKNOWN
17038

Source: SECUNIA
Type: UNKNOWN
17040

Source: SECUNIA
Type: UNKNOWN
17142

Source: SECUNIA
Type: UNKNOWN
17182

Source: SECUNIA
Type: UNKNOWN
17215

Source: CCN
Type: Cfengine Web site
Cfengine - a configuration engine for Unix and Windows

Source: DEBIAN
Type: Patch
DSA-835

Source: DEBIAN
Type: Patch
DSA-836

Source: DEBIAN
Type: DSA-835
cfengine -- insecure temporary files

Source: DEBIAN
Type: DSA-836
cfengine2 -- insecure temporary files

Source: MANDRIVA
Type: UNKNOWN
MDKSA-2005:184

Source: SUSE
Type: UNKNOWN
SUSE-SR:2005:023

Source: CCN
Type: OSVDB ID: 19819
Cfengine contrib/vicf.in Symlink Arbitrary File Overwrite

Source: CCN
Type: OSVDB ID: 19820
Cfengine cfmailfilter Symlink Arbitrary File Overwrite

Source: BID
Type: UNKNOWN
14994

Source: CCN
Type: BID-14994
GNU CFEngine Insecure Temporary File Creation Vulnerability

Source: CCN
Type: USN-198-1
cfengine vulnerabilities

Source: UBUNTU
Type: UNKNOWN
USN-198-1

Source: XF
Type: UNKNOWN
cfengine-mulitple-file-symlink(22489)

Source: XF
Type: UNKNOWN
cfengine-mulitple-file-symlink(22489)

Source: SUSE
Type: SUSE-SR:2005:023
SUSE Security Summary Report

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnu:cfengine:1.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:1.5.3-4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:1.6:a10:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:1.6:a11:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:1.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.5:b1:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.5:pre:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.5:pre2:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.7:p1:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.7:p2:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.7:p3:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.0.8:p1:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.0:a6:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.0:a8:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.0:a9:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.7:p1:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.16:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:alpha:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:amd64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:arm:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:hppa:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:ia-32:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:ia-64:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:m68k:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:mips:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:mipsel:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:ppc:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:s-390:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:sparc:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:gnu:cfengine:1.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnu:cfengine:2.1.16:*:*:*:*:*:*:*
  • AND
  • cpe:/o:debian:debian_linux:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:3.1:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006:*:*:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:10.1::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux:2006::x86-64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:3.0::x86_64:*:*:*:*:*
  • OR cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1::x86_64:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20052960
    V
    CVE-2005-2960
    2015-11-16
    oval:org.debian:def:835
    V
    insecure temporary files
    2005-10-01
    oval:org.debian:def:836
    V
    insecure temporary files
    2005-10-01
    BACK
    gnu cfengine 1.5
    gnu cfengine 1.5.3-4
    gnu cfengine 1.6 a10
    gnu cfengine 1.6 a11
    gnu cfengine 1.6.5
    gnu cfengine 2.0.0
    gnu cfengine 2.0.1
    gnu cfengine 2.0.2
    gnu cfengine 2.0.3
    gnu cfengine 2.0.4
    gnu cfengine 2.0.5
    gnu cfengine 2.0.5 b1
    gnu cfengine 2.0.5 pre
    gnu cfengine 2.0.5 pre2
    gnu cfengine 2.0.6
    gnu cfengine 2.0.7
    gnu cfengine 2.0.7 p1
    gnu cfengine 2.0.7 p2
    gnu cfengine 2.0.7 p3
    gnu cfengine 2.0.8
    gnu cfengine 2.0.8 p1
    gnu cfengine 2.1.0 a6
    gnu cfengine 2.1.0 a8
    gnu cfengine 2.1.0 a9
    gnu cfengine 2.1.7 p1
    gnu cfengine 2.1.8
    gnu cfengine 2.1.9
    gnu cfengine 2.1.16
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    debian debian linux 3.1
    gnu cfengine 1.6.5
    gnu cfengine 2.1.16
    debian debian linux 3.0
    mandrakesoft mandrake linux corporate server 2.1
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux corporate server 3.0
    debian debian linux 3.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux 10.1
    mandrakesoft mandrake linux 2006
    mandrakesoft mandrake linux corporate server 3.0
    mandrakesoft mandrake linux corporate server 2.1