Insecure Process ID Storage in APC UPS Daemon (apcupsd) Allows Arbitrary Process Termination

Insecure Process ID Storage in APC UPS Daemon (apcupsd) Allows Arbitrary Process Termination

CVE-2001-0040 · LOW Severity

AV:L/AC:L/AU:N/C:N/I:N/A:P

APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.

Learn more about our User Device Pen Test.