Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0098

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0098
Last Modified 10 Sep 2008 03:17:55
Published 03 Mar 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0098

Summary

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.

Vulnerable Systems

Application

  • Apcupsd 3.10.4

  • Apcupsd 3.8.5


References

DEBIAN - DSA-277

BID - 7200

SUSE - SuSE-SA:2003:022

XF - apcupsd-logevent-format-string(11334)

CONFIRM - http://sourceforge.net/project/shownotes.php?release_id=137900

SECTRACK - 1006108

MISC - http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt

CONFIRM - http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6

CALDERA - CSSA-2003-015.0

BID - 6828

MANDRAKE - MDKSA-2003:018


Last Updated: 27 May 2016 10:37:47