2 matches found
CVE-2001-0040
The CVE concerns apcupsd, where during startup the daemon creates /var/run/apcupsd.pid with world-writable permissions (mode 666). This allows a local attacker to overwrite the PID file with arbitrary process IDs, causing legitimate processes to be killed when apcupsd restarts or stops. The Mandr...
CVE-2003-0099
CVE-2003-0099 affects apcupsd prior to 3.8.6 and prior to 3.10.5 (3.10.x branches). The root cause is vulnerable use of vsprintf, leading to multiple buffer overflows. Consequences documented include possible denial of service and arbitrary code execution; some sources mention remote root access ...