CVE-2004-1388

Publication date 31 December 2004

Last updated 17 July 2025

Ubuntu priority

Format string vulnerability in the gpsd_report function for BerliOS GPD daemon (gpsd, formerly pygps) 1.9.0 through 2.7 allows remote attackers to execute arbitrary code via certain GPS requests containing format string specifiers that are not properly handled in syslog calls.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
gpsd	7.04 feisty	Fixed 2.30-1ubuntu3
	6.10 edgy	Fixed 2.30-1ubuntu3
	6.06 LTS dapper	Fixed 2.30-1ubuntu3

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2004-1388