gpsd < 2.8 gpsd_report() Function Remote Format String

High Nessus Network Monitor Plugin ID 2559

Synopsis

The remote host is vulnerable to a remote 'format string' flaw.

Description

The remote host is running GPSD, a daemon that monitors a GPS device
and publishes its data over the network.

The remote version of this software is vulnerable to a format string attack
because of the way it uses the syslog() call. An attacker may exploit this flaw
to execute arbitrary code on the remote host.
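
The flaw class described above, shown next to its fix, as an added example that is not gpsd's source or part of this plugin. The helper name safe_report, the buffer size and the sample input are assumptions made for illustration.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <syslog.h>

#define REPORT_MAX 256

/* Hypothetical logging helper (not gpsd's source). It expands the caller's
 * own trusted format string into a buffer, then hands the finished text to
 * syslog() as data, never as a format string. A copy of the logged text is
 * written to `out` so the result can be inspected. */
static int safe_report(char *out, size_t outlen, const char *fmt, ...)
    __attribute__((format(printf, 3, 4)));

static int safe_report(char *out, size_t outlen, const char *fmt, ...)
{
    char buf[REPORT_MAX];
    va_list ap;
    int n;

    va_start(ap, fmt);
    n = vsnprintf(buf, sizeof buf, fmt, ap);  /* bounded, NUL-terminated */
    va_end(ap);
    if (n < 0)
        return -1;

    /* Unsafe pattern this replaces: syslog(LOG_ERR, buf);
     * there, any '%' directive inside buf is interpreted by syslog(). */
    syslog(LOG_ERR, "%s", buf);

    if (out != NULL && outlen > 0)
        snprintf(out, outlen, "%s", buf);
    return n;  /* untruncated length, as vsnprintf reports it */
}

int main(void)
{
    /* Constructed sample of network-supplied text containing directives. */
    const char *from_client = "%x%x%n";
    char logged[REPORT_MAX];

    safe_report(logged, sizeof logged, "client sent: %s", from_client);
    printf("%s\n", logged);  /* directives appear literally in the log text */
    return 0;
}
```

Building with -Wformat -Wformat-security makes GCC and Clang flag calls that pass a non-literal string as the format argument.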

Solution

Upgrade to gpsd 2.8 or higher.

See Also

http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0770.html

http://www.mail-archive.com/[email protected]/msg02103.html

Plugin Details

Severity: High

ID: 2559

File Name: 2559.prm

Family: Generic

Published: 2005/01/27

Modified: 2016/11/23

Nessus ID: 16265

Risk Information

Risk Factor: High

CVSSv2

Base Score: 8.3

Temporal Score: 7.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:W/RC:ND

CVSSv3

Base Score: 8.7

Temporal Score: 8.2

Vector: CVSS3#AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:W/RC:X

Reference Information

BID: 12371

OSVDB: 13199