CVE-2004-1388

Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:berlios:gps_daemon:1.9.0:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.25:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.26:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.91:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.92:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.93:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.94:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.95:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.96:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.97:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:1.98:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:2.0:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:2.1:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:2.2:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:2.3:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:2.4:*:*:*:*:*:*:*
cpe:2.3:a:berlios:gps_daemon:2.7:*:*:*:*:*:*:*

History

07 Nov 2023, 01:56

Type Values Removed Values Added
References
  • {'url': 'http://www.mail-archive.com/debian-bugs-closed@lists.debian.org/msg02103.html', 'name': 'http://www.mail-archive.com/debian-bugs-closed@lists.debian.org/msg02103.html', 'tags': [], 'refsource': 'CONFIRM'}
  • () http://www.mail-archive.com/debian-bugs-closed%40lists.debian.org/msg02103.html -

Information

Published : 2004-12-31 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2004-1388

Mitre link : CVE-2004-1388

CVE.ORG link : CVE-2004-1388


JSON object : View

Products Affected

berlios

  • gps_daemon