Berlios GPSD Remote Format String Vulnerability
BID:12371
Info
Berlios GPSD Remote Format String Vulnerability
| Bugtraq ID: | 12371 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 26 2005 12:00AM |
| Updated: | Jan 09 2007 07:01PM |
| Credit: | Discovery of this vulnerability is credited to KF <kf_listsdigitalmunition.com> |
| Vulnerable: |
Berlios gpsd 1.90 Berlios gpsd 1.20 Berlios gpsd 1.10 |
| Not Vulnerable: | |
Discussion
Berlios GPSD Remote Format String Vulnerability
Multiple instances of format-string-handling bugs are reported to residein gpsd, but only one of these issues is reported to be exploitable.
Remote attackers may be able to leverage this issue to influence the affected daemon's execution flow and execute arbitrary code.
Multiple instances of format-string-handling bugs are reported to residein gpsd, but only one of these issues is reported to be exploitable.
Remote attackers may be able to leverage this issue to influence the affected daemon's execution flow and execute arbitrary code.
Exploit / POC
Berlios GPSD Remote Format String Vulnerability
An exploit to leverage this vulnerability has been developed by the discoverer of this issue.
A Metasploit module is also available.
An exploit to leverage this vulnerability has been developed by the discoverer of this issue.
A Metasploit module is also available.
Solution / Fix
Berlios GPSD Remote Format String Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if hyou are aware of more recent information, please mail us at: [email protected]:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if hyou are aware of more recent information, please mail us at: [email protected]:[email protected].