QNX Neutrino RTOS passwd First Parameter Local Overflow

2006-02-07T08:02:54
ID OSVDB:22959
Type osvdb
Reporter Texonet()
Modified 2006-02-07T08:02:54

Description

Vulnerability Description

A local overflow exists in QNX Neutrino RTOS. The 'passwd' binary fails to properly check user-supplied input as the first argument to the program resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code with root priveleges.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: restrict access to the passwd binary

Short Description

A local overflow exists in QNX Neutrino RTOS. The 'passwd' binary fails to properly check user-supplied input as the first argument to the program resulting in a buffer overflow. With a specially crafted request, an attacker can cause the execution of arbitrary code with root priveleges.

References:

Vendor URL: http://www.qnx.com/products/rtos/ Security Tracker: 1015599 Secunia Advisory ID:18750 Other Advisory URL: http://www.idefense.com/intelligence/vulnerabilities/display.php?id=388 Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2006-02/0123.html ISS X-Force ID: 24551 FrSIRT Advisory: ADV-2006-0474 CVE-2006-0621