18 matches found
EUVD-2019-17243
Malware in sbrugna...
EUVD-2019-17244
Malware in sbrugna...
EUVD-2019-17247
Malware in sbrugna...
Format string
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to printf. Setting this variable using the sysvar command results in a...
Format string
An issue was discovered in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf without a proper check. An attacker may thus forge a path containin...
Format string
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the user controlled shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses...
CVE-2019-7711
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the user controlled shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses...
Heap overflow
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. There is a heap-based buffer overflow in the function responsible for printing the shell prompt, when a custom modifier is used to display information such as a process ID, IP address, or curren...
CVE-2019-7712
An issue was discovered in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf without a proper check. An attacker may thus forge a path containin...
CVE-2019-7712
An issue was discovered in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf without a proper check. An attacker may thus forge a path containin...
CVE-2019-7715
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The main shell handler function uses the value of the environment variable ipcom.shell.greeting as the first argument to printf. Setting this variable using the sysvar command results in a...
CVE-2019-7713
The vulnerability CVE-2019-7713 affects Green Hills INTEGRITY RTOS 5.0.4, specifically the Interpeak IPCOMShell TELNET server. A heap-based buffer overflow occurs in the function that prints the shell prompt when a custom modifier expands information (e.g., process ID, IP address, current directo...
CVE-2019-7713
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. There is a heap-based buffer overflow in the function responsible for printing the shell prompt, when a custom modifier is used to display information such as a process ID, IP address, or curren...
CVE-2019-7712
An issue was discovered in handleripcomshellpwd in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. When using the pwd command, the current working directory path is used as the first argument to printf without a proper check. An attacker may thus forge a path containin...
CVE-2019-7711
An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. The undocumented shell command "prompt" sets the user controlled shell's prompt value, which is used as a format string input to printf, resulting in an information leak of memory addresses...
CVE-2019-7711
CVE-2019-7711 affects the Interpeak IPCOMShell TELNET server in Green Hills INTEGRITY RTOS 5.0.4. The vulnerability arises from an undocumented shell command, "prompt", which sets the shell’s prompt value and is used as a format string input to printf, enabling an information leak of memory addre...
Green Hills INTEGRITY RTOS Heap Buffer Overflow Vulnerability
INTEGRITY is a real-time operating system RTOS from Green Hills Software. A heap buffer overflow vulnerability exists in the Interpeak IPCOMShell TELNET server function in Green Hills INTEGRITY RTOS 5.0.4, which is responsible for printing the shell prompt when a custom modifier is used to displa...
PT-2019-18715 · Interpeak +1 · Interpeak Ipcomshell +1
Name of the Vulnerable Software and Affected Versions: Green Hills INTEGRITY RTOS version 5.0.4 Description: An issue was discovered in the Interpeak IPCOMShell TELNET server. The undocumented shell command "prompt" sets the shell's prompt value, which is used as a format string input to printf,...