- Package name
- Advisory ID
- Affected versions
- 7.2 i586
A problem exists with the apcupsd daemon. During startup, apcupsd creates a PID file in /var/run with the ID of the daemon process. This file is used by the shutdown script to kill the daemon process. The /var/run/apcupsd.pid file is created with mode 666 permissions, meaning it is world-writeable. A malicious user can overwrite the file with arbitrary process IDs and those proceses will be killed instead of the apcupsd process during the restart or stop of the apcupsd daemon.
13d0d7582dc9539fd43165caea173bc0 7.2/RPMS/apcupsd-3.8.0-1.1mdk.i586.rpm 4312c2eea1bc86e720c05be44555bd83 7.2/SRPMS/apcupsd-3.8.0-1.1mdk.src.rpm