This script is Copyright (C) 2003-2011 Tenable Network Security, Inc.
The remote host is running an application which is affected by
The remote host is running the apcupsd client which, according to its
version number, is affected by multiple vulnerabilities :
- The configuration file '/var/run/apcupsd.pid' is by
default world-writable. A local attacker could re-write
this file with other process IDs in order to crash the
- An issue exists in the 'log_event' function which a
local attacker could exploit in order to execute
- Several buffer overflow vulnerabilities have been
reported which a remote attacker could exploit in order
to execute arbitrary code on the remote host.
*** Nessus solely relied on the version number of the
*** remote server, so this might be a false positive
See also :
Upgrading to acpupsd version 3.8.0 or newer reportedly fixes the issue.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : false
Family: Gain a shell remotely
Nessus Plugin ID: 11484 (apcupsd_overflows.nasl)
Bugtraq ID: 207068287200
CVE ID: CVE-2001-0040CVE-2003-0098CVE-2003-0099
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.