Network Ups Tools · Network Ups Tools · CVE-2012-2944
**Name of the Vulnerable Software and Affected Versions**
Network UPS Tools (NUT) versions prior to 2.6.4
nut versions prior to 2.6.3
**Description**
The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. A buffer overflow in the `addchar` function in `common/parseconf.c` in `upsd` allows remote attackers to execute arbitrary code or cause a denial of service.
**Recommendations**
For versions prior to 2.6.4, update to version 2.6.4 or later to resolve the issue.
For versions prior to 2.6.3, update to version 2.6.3 or later to resolve the issue.
As a temporary workaround, consider restricting access to the `addchar` function in `common/parseconf.c` to minimize the risk of exploitation.