Buffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-119,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| networkupstools | nut | * |
| networkupstools | nut | 2.4.3 |
| networkupstools | nut | 2.6.0 |
| networkupstools | nut | 2.6.1-1 |
| networkupstools | nut | 2.6.3-1 |
| networkupstools | nut | 2.6.0-1 |
| networkupstools | nut | 2.6.1 |
| networkupstools | nut | 2.4.2 |