Mandrake Linux Security Advisory : apcupsd (MDKSA-2000:077)
Low Nessus Plugin ID 61863
SynopsisThe remote Mandrake Linux host is missing a security update.
DescriptionA problem exists with the apcupsd daemon. During startup, apcupsd creates a PID file in /var/run with the ID of the daemon process. This file is used by the shutdown script to kill the daemon process. The /var/run/apcupsd.pid file is created with mode 666 permissions, meaning it is world-writeable. A malicious user can overwrite the file with arbitrary process IDs and those proceses will be killed instead of the apcupsd process during the restart or stop of the apcupsd daemon.
SolutionUpdate the affected apcupsd package.