CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0040

LOW
2.1
CVSS Severity Score
EPSS Score0.1500%
EPSS Percentile6.07th
PublishedFeb 16, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

APC UPS daemon, apcupsd, saves its process ID in a world-writable file, which allows local users to kill an arbitrary process by specifying the target process ID in the apcupsd.pid file.

Affected Platforms (CPE)

πŸ“¦
Apc

Apcupsd

= 3.7.2

References & Advisories

πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-12/0066.html
πŸ”— http://www.linux-mandrake.com/en/security/MDKSA-2000-077.php3
πŸ”— http://www.securityfocus.com/bid/2070
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5654
πŸ”— http://archives.neohapsis.com/archives/bugtraq/2000-12/0066.html
πŸ”— http://www.linux-mandrake.com/en/security/MDKSA-2000-077.php3
πŸ”— http://www.securityfocus.com/bid/2070
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/5654

Related Vulnerabilities

CVE-2003-009810.0

Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly...

CVE-2019-125859.8

Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and other products, has an Arbitrary Command Execution issue in apcu...

CVE-2017-78848.4

In Adam Kropelin adk0212 APC UPS Daemon through 3.14.14, the default installation of APCUPSD allows a local authenticated, but unp...

CVE-2003-00997.2

Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or e...