Lucene search

K

[email protected]CVE-2003-0098

HistoryMar 03, 2003 - 5:00 a.m.

CVE-2003-0098

2003-03-0305:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

28

apcupsd

vulnerability

remote attackers

root privileges

format strings

nvd

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

83.0%

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.

CPENameOperatorVersion
apcupsd:apcupsdapcupsdlt3.10.5
apcupsd:apcupsdapcupsdlt3.8.6
debian:debian_linuxdebian debian linuxeq2.2
debian:debian_linuxdebian debian linuxeq3.0

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-015.0.txt

cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6

hsj.shadowpenguin.org/misc/apcupsd_exp.txt

securitytracker.com/id?1006108

sourceforge.net/project/shownotes.php?release_id=137900

www.debian.org/security/2003/dsa-277

www.iss.net/security_center/static/11334.php

www.mandriva.com/security/advisories?name=MDKSA-2003:018

www.novell.com/linux/security/advisories/2003_022_apcupsd.html

www.securityfocus.com/bid/6828

www.securityfocus.com/bid/7200

6.7 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

83.0%

Related for CVE-2003-0098

debiancve1 nessus4 suse1 openvas4 debian2 securityvulns1 osv1