10 matches found
EUVD-2005-1531
Malware in sbrugna...
QNX RTOS 4.25 CRTTrap File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place of th...
CVE-2005-1528
CVE-2005-1528 affects QNX Neutrino RTOS 6.2.1, where the crttrap command is vulnerable to untrusted search path issues. A local user can set LD_LIBRARY_PATH to point to a malicious library, which crttrap may load, leading to arbitrary code execution with root privileges because crttrap is install...
[Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS crttrap Arbitrary Library Loading Vulnerability
QNX Neutrino RTOS crttrap Arbitrary Library Loading Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=379 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for u...
QNX crttrap unauthorized file access
-c option can be user to read/write any file...
CVE-2002-0793
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 aka QNX4 allow local users to overwrite arbitrary files via 1 the -f argument to the monitor utility, 2 the -d argument to dumper, 3 the -c argument to crttrap, or 4 using the Watcom sample utility...
CVE-2002-0793
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 aka QNX4 allow local users to overwrite arbitrary files via 1 the -f argument to the monitor utility, 2 the -d argument to dumper, 3 the -c argument to crttrap, or 4 using the Watcom sample utility...
PT-2002-1814 · Blackberry · Qnx Rtos
Name of the Vulnerable Software and Affected Versions: QNX RTOS version 4.25 Description: The issue allows local users to overwrite arbitrary files via specific arguments to certain utilities, including 1 the -f argument to the monitor utility, 2 the -d argument to dumper, 3 the -c argument to...
QNX RTOS 4.25 - 'CRTTrap' File Disclosure
source: https://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place of the configuration file and crttrap...
QNX RTOS 4.25 - CRTTrap File Disclosure
QNX RTOS 4.25 - CRTTrap File Disclosure source: https://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place...