CVE-2004-1388

Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html	Patch
http://marc.info/?l=bugtraq&m=110677341711505&w=2
http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt	Exploit
http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19079
http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html	Patch
http://marc.info/?l=bugtraq&m=110677341711505&w=2
http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt	Exploit
http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/19079

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:berlios:gps_daemon:1.9.0:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.25:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.26:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.91:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.92:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.93:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.94:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.95:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.96:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.97:::::::*
	cpe:2.3:a:berlios:gps_daemon:1.98:::::::*
	cpe:2.3:a:berlios:gps_daemon:2.0:::::::*
	cpe:2.3:a:berlios:gps_daemon:2.1:::::::*
	cpe:2.3:a:berlios:gps_daemon:2.2:::::::*
	cpe:2.3:a:berlios:gps_daemon:2.3:::::::*
	cpe:2.3:a:berlios:gps_daemon:2.4:::::::*
	cpe:2.3:a:berlios:gps_daemon:2.7:::::::*

History

20 Nov 2024, 23:50

Type	Values Removed	Values Added
References	~~() http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html - Patch~~	() http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html - Patch
References	~~() http://marc.info/?l=bugtraq&m=110677341711505&w=2 -~~	() http://marc.info/?l=bugtraq&m=110677341711505&w=2 -
References	~~() http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt - Exploit~~	() http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt - Exploit
References	~~() http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html -~~	() http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/19079 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/19079 -

Information

Published : 2004-12-31 05:00

Updated : 2025-04-03 01:03

NVD link : CVE-2004-1388

Mitre link : CVE-2004-1388

CVE.ORG link : CVE-2004-1388

JSON object : View

Products Affected

berlios

gps_daemon

CWE

NVD-CWE-Other

{"id": "CVE-2004-1388", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": true, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2004-12-31T05:00:00.000", "references": [{"url": "http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=110677341711505&w=2", "source": "cve@mitre.org"}, {"url": "http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19079", "source": "cve@mitre.org"}, {"url": "http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=110677341711505&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19079", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:berlios:gps_daemon:1.9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F1BF5B43-E991-499C-8486-3C3D10FF3838"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.25:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "98CB56A2-F595-4E6A-857E-3752BB11FCFF"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.26:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DCD5473A-D42A-4898-82D7-D6876702CA6C"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.91:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D1BE9813-7D38-4846-A6F7-DCB46BADFCCD"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.92:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FCEC3092-B77C-46EA-B885-82BDCA5FD73A"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.93:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "217F2CD2-F88E-4BDA-B112-EC71E6AFE222"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.94:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1BE9DA6B-F330-4FB4-8E92-50B24444B049"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.95:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2E49EFDE-9FE7-4C0F-B0B2-947F3748E549"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.96:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "76771AAF-8D1B-4E38-98EB-D61055F22157"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.97:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0FD194D6-B291-4572-83EF-4D6C411428C9"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:1.98:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14AC539E-FD65-4E93-B2D5-9ABAE8B9D94C"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "119AC07F-DE36-4BB5-A359-A11846147BEE"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:2.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C971C2DE-924A-4488-BB14-5516013E19E5"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:2.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "443BF6C5-95DA-4F5B-B664-7CED2F28C389"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:2.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C3ABA05A-BEC5-49EF-9A37-309FEE10B56A"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:2.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "950A0BC0-6B60-48EA-887E-B6FFA6F58099"}, {"criteria": "cpe:2.3:a:berlios:gps_daemon:2.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CF452D8-F3B8-4F81-98EF-344562B962B6"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}

7.5 /10