Package: gpsdrive
Version: 2.10~pre4-6.dfsg-1
Tags: security
Severity: important
Hi,

I have found three other attack vectors. All three use fixed, predictable paths under /tmp, so another local user can create the path first (for example as a symlink) and have the program write to or read from a file of that user's choosing; the files should instead be created with mktemp/mkstemp() or kept in a private per-user directory.

/usr/share/doc/gpsdrive/examples/gpssmswatch:
> FILE=/tmp/.smswatch
> while [ 1 = 1 ]
> do
> gnokii --getsms SM 1 > $FILE
> if [ $? = "0" ];then
> gnokii --deletesms SM 1
> fi
> grep PLSSENDPOS $FILE
> if [ $? = "0" ];then
> echo -e "position request found\n"
> NUMBER=`grep Sender /tmp/.smswatch|awk '{print $2}'`
> killall -USR1 gpsdrive
>
> echo "sending "
> cat /tmp/gpsdrivepos
> echo -e "to number $NUMBER\n"
> gnokii --sendsms $NUMBER < /tmp/gpsdrivepos

src/splash.c
> f = fopen ("/tmp/gpsdrivepos", "w");
> if (f == NULL)
> {
> perror ("/tmp/gpsdrivepos");
> return;
> }
> time (&t);
> ts = localtime (&t);
> fprintf (f, asctime (ts));
> fprintf (f, "POS %f %f\n", coords.current_lat, coords.current_lon);
> fclose (f);

src/unit_test.c:
> g_snprintf (dir_proc, sizeof (dir_proc), "/tmp/gpsdrive-unit-test");
> g_snprintf (dir_proc, sizeof (dir_proc), "/tmp/gpsdrive-unit-test/proc");

Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net