CVE-2012-2944

Name of the Vulnerable Software and Affected Versions Network UPS Tools (NUT) versions prior to 2.6.4 nut versions prior to 2.6.3

Description The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. A buffer overflow in the addchar function in common/parseconf.c in upsd allows remote attackers to execute arbitrary code or cause a denial of service.

Recommendations For versions prior to 2.6.4, update to version 2.6.4 or later to resolve the issue. For versions prior to 2.6.3, update to version 2.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the addchar function in common/parseconf.c to minimize the risk of exploitation.