Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.
References
Configurations
Configuration 1 (hide)
|
History
20 Nov 2024, 23:50
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.berlios.de/pipermail/gpsd-announce/2005-January/000018.html - Patch | |
References | () http://marc.info/?l=bugtraq&m=110677341711505&w=2 - | |
References | () http://www.digitalmunition.com/DMA%5B2005-0125a%5D.txt - Exploit | |
References | () http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/19079 - |
Information
Published : 2004-12-31 05:00
Updated : 2024-11-20 23:50
NVD link : CVE-2004-1388
Mitre link : CVE-2004-1388
CVE.ORG link : CVE-2004-1388
JSON object : View
Products Affected
berlios
- gps_daemon
CWE