Mandrake Linux Security Advisory : apcupsd (MDKSA-2003:018)
Critical Nessus Plugin ID 14003
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA remote root vulnerability in slave setups and some buffer overflows in the network information server code were discovered by the apcupsd developers. They have been fixed in the latest unstable version, 3.10.5 which contains additional enhancements like USB support, and the latest stable version, 3.8.6.
There are a few changes that need to be noted, such as the port has changed from port 7000 to post 3551 for NIS, and the new config only allows access from the localhost. Users may need to modify their configuration files appropriately, depending upon their configuration.
SolutionUpdate the affected apcupsd package.