ifwatchd Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the ifwatchd suid executable. ifwatchd allows users to specify scripts to execute using the '-A' command line argument; however, it does not drop privileges when executing user-supplied scripts,...

ifwatchd - Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ifwatchd Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the...

ifwatchd Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ifwatchd Privilege Escalation', 'Description' = %q This module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the...

ifwatchd Privilege Escalation

This module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the ifwatchd suid executable. ifwatchd allows users to specify scripts to execute using the '-A' command line argument; however, it does not drop privileges when executing user-supplied scripts, resulting in...

CVE-2014-2533

The CVE-2014-2533 issue affects BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x, where /sbin/ifwatchd can be exploited locally to gain privileges. The vulnerability arises from ifwatchd accepting an arbitrary program name via a command-line argument and failing to drop privileges when executing user...