
Test ID: 1.3.6.1.4.1.25623.1.0.80014
Category: Gain a shell remotely
Title: apcupsd < 3.8.6 / 3.10.x < 3.10.5 Multiple Vulnerabilities
Summary: apcupsd is prone to multiple vulnerabilities.
Description:
Summary:
apcupsd is prone to multiple vulnerabilities.

Vulnerability Insight:
The following vulnerabilities exist:

- CVE-2001-0040: APC UPS daemon, apcupsd, saves its process ID in a world-writable file.

- CVE-2003-0098: Unknown vulnerability possibly via format strings in a request to a slave server.

- CVE-2003-0099: Multiple buffer overflows related to usage of the vsprintf function.

Vulnerability Impact:
- CVE-2001-0040: allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.

- CVE-2003-0098: allows remote attackers to gain root privileges.

- CVE-2003-0099: may allow attackers to cause a denial of service or execute arbitrary code.

Affected Software/OS:
apcupsd versions prior to 3.8.6, and 3.10.x prior to 3.10.5.

Solution:
Update to version 3.8.6, 3.10.5 or later.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2001-0040
BugTraq ID: 2070
http://www.securityfocus.com/bid/2070
Bugtraq: 20001206 apcupsd 3.7.2 Denial of Service
http://archives.neohapsis.com/archives/bugtraq/2000-12/0066.html
http://www.linux-mandrake.com/en/security/MDKSA-2000-077.php3
XForce ISS Database: apc-apcupsd-dos(5654)
https://exchange.xforce.ibmcloud.com/vulnerabilities/5654
Common Vulnerability Exposure (CVE) ID: CVE-2003-0098
BugTraq ID: 6828
http://www.securityfocus.com/bid/6828
BugTraq ID: 7200
http://www.securityfocus.com/bid/7200
Caldera Security Advisory: CSSA-2003-015.0
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-015.0.txt
Debian Security Information: DSA-277
http://www.debian.org/security/2003/dsa-277
http://www.mandriva.com/security/advisories?name=MDKSA-2003:018
http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt
http://securitytracker.com/id?1006108
SuSE Security Announcement: SuSE-SA:2003:022
http://www.novell.com/linux/security/advisories/2003_022_apcupsd.html
http://www.iss.net/security_center/static/11334.php
Common Vulnerability Exposure (CVE) ID: CVE-2003-0099
http://www.iss.net/security_center/static/11491.php
Copyright: Copyright (C) 2003 Renaud Deraison

© 1998-2025 E-Soft Inc. All rights reserved.