Lucene search

[email protected]CVE-2004-1390

HistoryDec 31, 2004 - 5:00 a.m.

CVE-2004-1390

2004-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2004-1390

buffer overflow

pppoed

qnx rtp 6.1

remote code execution

security vulnerability

nvd

8.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.042 Low

EPSS

Percentile

92.2%

JSON

Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remote_mac, or (12) local_mac flags.

CPENameOperatorVersion
qnx:rtosqnx rtoseq6.2.0
qnx:rtpqnx rtpeq6.1
qnx:rtosqnx rtoseq4.25
qnx:rtosqnx rtoseq6.2.0a
qnx:rtosqnx rtoseq2.4
qnx:rtosqnx rtoseq6.1.0

CPE	Name	Operator	Version
qnx:rtos	qnx rtos	eq	6.2.0
qnx:rtp	qnx rtp	eq	6.1
qnx:rtos	qnx rtos	eq	4.25
qnx:rtos	qnx rtos	eq	6.2.0a
qnx:rtos	qnx rtos	eq	2.4
qnx:rtos	qnx rtos	eq	6.1.0

References

archives.neohapsis.com/archives/fulldisclosure/2004-09/0155.html

www.kb.cert.org/vuls/id/961686

www.rfdslabs.com.br/qnx-advs-01-2004.txt

www.securityfocus.com/bid/11104

exchange.xforce.ibmcloud.com/vulnerabilities/17280

8.6 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.042 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2004-1390

cvelist1