FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
47f13540-c4cb-4971-8dc6-28d0dabfd9cdnut -- upsd can be remotely crashed

Networkupstools project reports:

NUT server (upsd), from versions 2.4.0 to 2.6.3, are exposed to crashes when receiving random data from the network.

This issue is related to the way NUT parses characters, especially from the network. Non printable characters were missed from strings operation (such as strlen), but still copied to the buffer, causing an overflow.


Discovery 2012-05-30
Entry 2012-05-30
nut
ge 2.4.0 le 2.6.3

CVE-2012-2944
http://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1027934.html
http://trac.networkupstools.org/projects/nut/changeset/3633