Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2004-1388

Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.

Related bugs and status

CVE-2004-1388 (Candidate) is related to these bugs:

Bug #1790855: [MIR] gpsd

Summary				In	Importance	Status
	1790855	[MIR] gpsd		gpsd (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.digitalmuni...
MLIST: [Gpsd-announce] 200501...
CONFIRM: http://www.mail-archiv...
BUGTRAQ: 20050126 DMA[2005-0125...
XF: gpsd-format-string(19079)