Detections
Analytics

Powerd WHATIDO Variable Remote Overflow

high Nessus Network Monitor Plugin ID 3425

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is using Powerd, an open-source application, to monitor the UPS device. This version of Powerd is vulnerable to a remote overflow. An attacker exploiting this flaw will be able to execute arbitrary code on the target machine.

Solution

Block access to the powerd server port (532) from untrusted clients.

See Also

http://power.sourceforge.net

Plugin Details

Severity: High

ID: 3425

Family: Generic

Published: 2/10/2006

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Medium

Score: 6.3

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:power_daemon:power_daemon

Reference Information

CVE: CVE-2006-0681

BID: 16582