Lucene search
MitreCVE-2014-2534HistoryMar 18, 2014 - 5:18 a.m.
CVE-2014-2534
2014-03-1805:18:19
CWE-264
mitre
web.nvd.nist.gov
29
cve-2014-2534
blackberry
qnx neutrino rtos
vulnerability
sensitive information disclosure
CVSS2
4.9
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
20.3%
/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading “bad parameter” lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.
Affected configurations
Node
blackberryqnx_neutrino_rtosMatch6.4.1
ORblackberryqnx_neutrino_rtosMatch6.5.0
ORblackberryqnx_neutrino_rtosMatch6.5.0sp1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| blackberry | qnx_neutrino_rtos | 6.4.1 | cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.4.1:*:*:*:*:*:*:* |
| blackberry | qnx_neutrino_rtos | 6.5.0 | cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.5.0:*:*:*:*:*:*:* |
| blackberry | qnx_neutrino_rtos | 6.5.0 | cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.5.0:sp1:*:*:*:*:*:* |
Related
prion
prion
Design/Logic Flaw
2014-03-18 05:18:00
exploitdb
exploitdb
QNX 6.4.x/6.5.x pppoectl - Information Disclosure
2014-03-10 00:00:00
cvelist
cvelist
CVE-2014-2534
2014-03-18 01:00:00
nvd
nvd
CVE-2014-2534
2014-03-18 05:18:19
CVSS2
4.9
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:L/Au:N/C:C/I:N/A:N
AI Score
6.1
Confidence
Low
EPSS
0.001
Percentile
20.3%
Related for CVE-2014-2534