FreeBSD47F13540-C4CB-4971-8DC6-28D0DABFD9CDnut -- upsd can be remotely crashed
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.092 Low
EPSS
Percentile
94.6%
Networkupstools project reports:
NUT server (upsd), from versions 2.4.0 to 2.6.3, are exposed to
crashes when receiving random data from the network.
This issue is related to the way NUT parses characters, especially
from the network. Non printable characters were missed from strings
operation (such as strlen), but still copied to the buffer, causing
an overflow.
Related
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.092 Low
EPSS
Percentile
94.6%