Re: APC UPS PowerChute PLUS exploit...

perryNEWS.VILL.EDU

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Aleph One: "MacOS based buffer overflows..."
• Previous message: Ryan Murray: "Re: MGE UPS Systems"
• Maybe in reply to: Theo Schlossnagle: "APC UPS PowerChute PLUS exploit..."
• Next in thread: Pascal Gienger: "Re: APC UPS PowerChute PLUS exploit..."

Theo Schlossnagle <jesusblaze.cs.jhu.edu> writes:
>The PowerChute PLUS software distributed with the UPSs provides a TCP/IP
>(UDP/IP) way to communicate with (for monitoring) UPS on the local subnet.
>It listens on port 6549 and listens for broadcast requests (UDP).
>So if you make as if you are actually requesting information, but send it
>the wrong packet... Well end of ./_upsd (the name of the daemon).

I believe that the powerchute software will not listen on the net if you
have the following in powerchute.ini

[ Network ]
 UseTCP = NO

I didn't yet try your exploit, but with UseTCP set to NO this machine doesn't
show up in the list of remote ups's when using the powerchute admin interface
from another machine on the same subnet.

...Rick         perryece.vill.edu, http://www.ece.vill.edu/~perry  [PGP]

• Next message: Aleph One: "MacOS based buffer overflows..."
• Previous message: Ryan Murray: "Re: MGE UPS Systems"
• Maybe in reply to: Theo Schlossnagle: "APC UPS PowerChute PLUS exploit..."
• Next in thread: Pascal Gienger: "Re: APC UPS PowerChute PLUS exploit..."