CVE
- Id
- 6928
- CVE No.
- CVE-2003-0099
- Status
- Candidate
- Description
- Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
- Phase
- Modified (20071016)
- Votes
- ACCEPT(4) Armstrong, Cole, Green, Jones | NOOP(2) Christey, Cox
- Comments
- Christey> SUSE:SuSE-SA:2003:022 | CALDERA:CSSA-2003-015.0 | Christey> DEBIAN:DSA-277 | URL:http://www.debian.org/security/2003/dsa-277 | Christey> As observed in an email to us by a third party, it appears | that 3.8.6 is probably not affected by this, so the | description should be changed to refer to "3.10.x before | 3.10.5, and 3.8.x before 3.8.6". | Christey> An email from Kern Sibbald on August 21, 2003, confirmed that | 3.8.6 and 3.10.5 fixed the issue. | | CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=137892
