Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 419377 (CVE-2012-2944) - <sys-power/nut-2.6.3 upsd RCE/DoS (CVE-2012-2944)
Summary: <sys-power/nut-2.6.3 upsd RCE/DoS (CVE-2012-2944)
Alias: CVE-2012-2944
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2012-06-02 16:46 UTC by Michael Weber (RETIRED)
Modified: 2012-09-27 20:13 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Michael Weber (RETIRED) gentoo-dev 2012-06-02 16:46:51 UTC

Debian issued an security announcement
Comment 1 Michael Weber (RETIRED) gentoo-dev 2012-06-02 18:27:50 UTC
Arches, please go ahead (without 30 days delay)

Target alpha amd64 ppc ppc64 sparc x86

Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2012-06-02 19:05:34 UTC
Arches, the package to stabilize is sys-power/nut-2.6.3.
Comment 3 Agostino Sarubbo gentoo-dev 2012-06-02 22:14:27 UTC
amd64 stable
Comment 4 Michael Weber (RETIRED) gentoo-dev 2012-06-03 16:16:40 UTC
ppc stable
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-06-08 11:32:51 UTC
x86 stable
Comment 6 Raúl Porcel (RETIRED) gentoo-dev 2012-06-09 19:07:14 UTC
alpha/sparc keywords dropped
Comment 7 Alexander Bezrukov 2012-08-26 04:45:40 UTC
The vulnerability exists in <sys-power/nut-2.6.4 (not 2.6.3 as it is written in the title of this bug).

The actual version now is sys-power/nut-2.6.5 (which contains another important fix which is not related to security: "any upssched.conf command that takes a second argument resulted in a defective frame sent to the parent process. Thus, the command was not executed").
Comment 8 Alexander Bezrukov 2012-08-26 05:18:34 UTC
(In reply to comment #7)
> The vulnerability exists in <sys-power/nut-2.6.4 (not 2.6.3)

Please ignore my previous comment. It's true that vulnerability is fixed in 2.6.4 upstream but the ebuild applies a patch to 2.6.3 in order to fix the vulnerability.
Comment 9 Kacper Kowalik (Xarthisius) (RETIRED) gentoo-dev 2012-09-20 11:54:09 UTC
ppc64 stable, last arch done
Comment 10 GLSAMaker/CVETool Bot gentoo-dev 2012-09-20 13:14:21 UTC
CVE-2012-2944 (
  Buffer overflow in the addchar function in common/parseconf.c in upsd in
  Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute
  arbitrary code or cause a denial of service (electric-power outage) via a
  long string containing non-printable characters.
Comment 11 Sean Amoss (RETIRED) gentoo-dev Security 2012-09-20 13:16:03 UTC
Thanks, everyone.

Filing a new GLSA request.
Comment 12 GLSAMaker/CVETool Bot gentoo-dev 2012-09-27 20:13:50 UTC
This issue was resolved and addressed in
 GLSA 201209-19 at
by GLSA coordinator Sean Amoss (ackle).