Home page logo

bugtraq logo Bugtraq mailing list archives

Re: APC UPS PowerChute PLUS exploit...
From: p () ZNET DE (Pascal Gienger)
Date: Mon, 13 Apr 1998 10:47:28 +0200

The PowerChute PLUS software distributed with the UPSs provides a TCP/IP
(UDP/IP) way to communicate with (for monitoring) UPS on the local subnet.
It listens on port 6549 and listens for broadcast requests (UDP).
So if you make as if you are actually requesting information, but send it
the wrong packet... Well end of ./_upsd (the name of the daemon).

This is a known problem. I experienced that behaviour already one year
ago when I installed our PowerChutes here.

I recommend using the freely availavle upsd without TCP/IP control. It
works well well with the PowerChute Series.

I spoke with APC (www.apcc.com) and they blew me off.  Forwarded the issue
to their techinical crew, but I never heard word again.

They are interested in their Windows NT stuff and that is all. :(

p () znet de                  Factum Data            - A woman without a man
http://pascal.znet.de/     Pascal Gienger         - is like a fish without
5734900 () skyper de (Subj!)  Inselg. 13, 78462 KN   - a bicycle...
        http://echo.znet.de:8888/ echo \8888:ed.tenz.ohce\\:ptth

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]