Published: 03/03/2003 Updated: 10/09/2008
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Multiple buffer overflows in apcupsd prior to 3.8.6, and 3.10.x prior to 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.

Affected Products

Vendor Product Versions

Vendor Advisories

The controlling and management daemon apcupsd for APC's Unbreakable Power Supplies is vulnerable to several buffer overflows and format string attacks These bugs can be exploited remotely by an attacker to gain root access to the machine apcupsd is running on For the stable distribution (woody) this problem has been fixed in version 385-111 ...