Published: 03/03/2003 Updated: 26/09/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Unknown vulnerability in apcupsd prior to 3.8.6, and 3.10.x prior to 3.10.5, allows remote malicious users to gain root privileges, possibly via format strings in a request to a slave server.

Vulnerable Product	Search on Vulmon	Subscribe to Product
apcupsd apcupsd
debian debian linux 2.2
debian debian linux 3.0

The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks These bugs can be exploited remotely by an attacker to gain root access to the machine apcupsd is running on For the stable distribution (woody) this problem has been fixed in version 385-111 ...

NVD-CWE-Other http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6 http://www.debian.org/security/2003/dsa-277 http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt http://sourceforge.net/project/shownotes.php?release_id=137900 http://www.novell.com/linux/security/advisories/2003_022_apcupsd.html ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-015.0.txt http://www.securityfocus.com/bid/7200 http://www.iss.net/security_center/static/11334.php http://securitytracker.com/id?1006108 http://www.mandriva.com/security/advisories?name=MDKSA-2003:018 http://www.securityfocus.com/bid/6828 https://nvd.nist.gov https://www.debian.org/security/./dsa-277

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2003-0098

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect