Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » SCO CSSA-2003-015.0: multiple vulnerabilities in apcupsd

SCO CSSA-2003-015.0: multiple vulnerabilities in apcupsd

by Nikola Strahija on March 26th, 2003 A vulnerability in apcupsd allows remote attackers to gain root privileges, cause denial of service or execute arbitrary code, related to usage of the vsprintf function.


SCO Security Advisory

Subject: Linux: apcupsd remote root vulnerability and buffer overflows
Advisory number: CSSA-2003-015.0
Issue date: 2003 March 25
Cross reference:
______________________________________________________________________________


1. Problem Description

From the CVE candidate desciptions:

A vulnerability in apcupsd allows remote attackers to gain
root privileges, possibly via format strings in a request to a
slave server.

Multiple buffer overflows in apcupsd may allow attackers to
cause a denial of service or execute arbitrary code, related
to usage of the vsprintf function.


2. Vulnerable Supported Versions

System Package
----------------------------------------------------------------------

OpenLinux 3.1.1 Server prior to apcupsd-3.8.6-1.i386.rpm
prior to apcupsd-cgi-3.8.6-1.i386.rpm
prior to apcupsd-powerflute-3.8.6-1.i386.rpm

OpenLinux 3.1 Server prior to apcupsd-3.8.6-1.i386.rpm
prior to apcupsd-cgi-3.8.6-1.i386.rpm
prior to apcupsd-powerflute-3.8.6-1.i386.rpm


3. Solution

The proper solution is to install the latest packages. Many
customers find it easier to use the Caldera System Updater, called
cupdate (or kcupdate under the KDE environment), to update these
packages rather than downloading and installing them by hand.


4. OpenLinux 3.1.1 Server

4.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-015.0/RPMS

4.2 Packages

a2c0d41800f62383c65f77858f0c3898 apcupsd-3.8.6-1.i386.rpm
13800369e6a5712eb02f00514e05eaf0 apcupsd-cgi-3.8.6-1.i386.rpm
c6744b9f001474a9bb1dd9f59d3edbcd apcupsd-powerflute-3.8.6-1.i386.rpm

4.3 Installation

rpm -Fvh apcupsd-3.8.6-1.i386.rpm
rpm -Fvh apcupsd-cgi-3.8.6-1.i386.rpm
rpm -Fvh apcupsd-powerflute-3.8.6-1.i386.rpm

4.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1.1/Server/CSSA-2003-015.0/SRPMS

4.5 Source Packages

2efb5f90e0c02ffc08340308d29bc1bf apcupsd-3.8.6-1.src.rpm


5. OpenLinux 3.1 Server

5.1 Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-015.0/RPMS

5.2 Packages

2c04bd609f4b1949c56556719928ff50 apcupsd-3.8.6-1.i386.rpm
048ad400cb7c9a80ba16798ecde20c4a apcupsd-cgi-3.8.6-1.i386.rpm
d8de392566a69a95f5e230af51918839 apcupsd-powerflute-3.8.6-1.i386.rpm

5.3 Installation

rpm -Fvh apcupsd-3.8.6-1.i386.rpm
rpm -Fvh apcupsd-cgi-3.8.6-1.i386.rpm
rpm -Fvh apcupsd-powerflute-3.8.6-1.i386.rpm

5.4 Source Package Location

ftp://ftp.sco.com/pub/updates/OpenLinux/3.1/Server/CSSA-2003-015.0/SRPMS

5.5 Source Packages

1d6fcff1a24702cc60ec0779a6512e0a apcupsd-3.8.6-1.src.rpm


6. References

Specific references for this advisory:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0099

SCO security resources:

http://www.sco.com/support/security/index.html

This security fix closes SCO incidents sr876044, fz527560,
erg712268.


7. Disclaimer

SCO is not responsible for the misuse of any of the information
we provide on this website and/or through our security
advisories. Our advisories are a service to our customers intended
to promote secure installation and use of SCO products.


8. Acknowledgements

Highspeed Junkie (http://hsj.shadowpenguin.org/) discovered
and researched the slave server vulnerability.

______________________________________________________________________________


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »