Bug 826489 (CVE-2012-2944)

Summary: CVE-2012-2944 nut: Heap-based buffer overflow due to improper processing of non-printable characters in random network data
Product: [Other] Security Response
Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: NEW
Severity: medium
Priority: medium
Version: unspecified
CC: bressers, jrusnack, mhlavink, security-response-team
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All   
OS: Linux   
Whiteboard: impact=moderate,public=20120530,reported=20120530,source=distros,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,fedora-all/nut=affected,epel-all/nut=affected,cwe=CWE-135->CWE-122
Doc Type: Bug Fix
Bug Depends On: 826933, 826934    

Description Jan Lieskovsky 2012-05-30 06:46:59 EDT
A heap-based buffer overflow flaw was found in the way the upsd server of NUT, a network UPS tools suite, processed non-printable characters present in data received from the network. A remote attacker could provide a specially crafted packet that, when processed by the upsd server, would lead to a crash of the upsd executable or, potentially, arbitrary code execution with the privileges of the user running upsd.

References:
[1] http://trac.networkupstools.org/projects/nut/changeset/3633
[2] https://alioth.debian.org/tracker/index.php?func=detail&aid=313636&group_id=30602&atid=411542

Comment 5 Jan Lieskovsky 2012-05-31 05:18:22 EDT
Public via:
[3] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=675203

Comment 6 Jan Lieskovsky 2012-05-31 05:20:21 EDT
Created nut tracking bugs for this issue

Affects: fedora-all [bug 826933]
Affects: epel-all [bug 826934]

Comment 7 Fedora Update System 2012-06-14 20:19:42 EDT
nut-2.6.3-4.fc15 has been pushed to the Fedora 15 stable repository. If problems still persist, please make note of it in this bug report.

Comment 8 Fedora Update System 2012-06-14 20:25:15 EDT
nut-2.6.3-4.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.

Comment 9 Fedora Update System 2012-06-14 20:33:40 EDT
nut-2.6.3-4.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.

Comment 10 Fedora Update System 2012-06-19 13:03:19 EDT
nut-2.2.2-3.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.

Comment 11 Fedora Update System 2012-06-19 13:04:44 EDT
nut-2.6.3-4.el6 has been pushed to the Fedora EPEL 6 stable repository. If problems still persist, please make note of it in this bug report.