|
Family: Gain a shell remotely --> Category: infos
gpsd remote format string vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks the version of the remote gpsd server
Detailed Explanation for this Vulnerability Test
The remote host is running GPSD, a daemon which monitors a GPS device
and publishes its data over the network.
The remote version of this software is vulnerable to format string attack
due to the way it uses the syslog() call. A possible hacker may exploit this flaw
to execute arbitrary code on the remote host.
Solution : Upgrade to gpsd 2.8 or newer
See also : http://gpsd.berlios.de/
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|