gpsd < 2.8 gpsd_report() Function Remote Format String

high Nessus Network Monitor Plugin ID 2559

Synopsis

The remote host is vulnerable to a remote 'format string' flaw.

Description

The remote host is running GPSD, a daemon that monitors a GPS device
and publishes its data over the network.

The remote version of this software is vulnerable to a format string attack
because of the way it uses the syslog() call. An attacker may exploit this flaw
to execute arbitrary code on the remote host.
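
The defect class described above, shown beside its corrected form. This is an added illustration, not gpsd's source code and not part of the plugin text. The names report_unsafe, report_safe, log_sink and logged are hypothetical, and log_sink stands in for syslog() so the logged text can be inspected.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for syslog(3): like syslog(), it parses its first argument as a
 * printf-style format. The result is kept in memory so it can be inspected. */
static char last_logged[256];

static void log_sink(const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(last_logged, sizeof last_logged, fmt, ap);
    va_end(ap);
}

/* Defective pattern: the finished message, which may contain bytes received
 * from the network, is handed on as the format string and parsed a second time. */
void report_unsafe(const char *fmt, ...)
{
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    log_sink(buf);               /* same shape as syslog(LOG_ERR, buf) */
}

/* Corrected pattern: constant format string, message passed as an argument. */
void report_safe(const char *fmt, ...)
{
    char buf[256];
    va_list ap;
    va_start(ap, fmt);
    vsnprintf(buf, sizeof buf, fmt, ap);
    va_end(ap);
    log_sink("%s", buf);         /* same shape as syslog(LOG_ERR, "%s", buf) */
}

const char *logged(void) { return last_logged; }

int main(void)
{
    /* Constructed client input that contains conversion specifiers. */
    report_safe("client request: %s", "%x.%x.%s");
    puts(logged());              /* specifiers are logged literally */
    return 0;
}
```

Building with -Wformat -Wformat-security makes GCC and Clang flag calls of the first shape when they are made directly to syslog() or the printf family.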

Solution

Upgrade to gpsd 2.8 or higher.

See Also

http://archives.neohapsis.com/archives/fulldisclosure/2005-01/0770.html

http://www.mail-archive.com/[email protected]/msg02103.html

Plugin Details

Severity: High

ID: 2559

Family: Generic

Published: 1/27/2005

Updated: 3/6/2019

Nessus ID: 16265

Risk Information

VPR

Risk Factor: Medium

Score: 6.8

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 7.5

Vector: CVSS2#AV:A/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 8.3

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:W/RC:X

Vulnerability Information

CPE: cpe:/a:gpsd_project:gpsd

Reference Information

CVE: CVE-2004-1388

BID: 12371