EUVD-2005-3923

Malware in sbrugna...

QNX RTOS 4.25/6.1 phgrafx-startup Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4916/info The QNX phgrafx-startup utility is prone to an issue which may make it possible for local attackers to escalate privileges. This issue is due to unsafe use of the system function to invoke other programs. This...

QNX Neutrino RTOS 6.3 'phgrafx' Local Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30024/info QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility. Attackers can exploit...

QNX RTOS 4.25/6.1 phgrafxPrivilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4915/info The QNX phgrafx utility is prone to an issue which may make it possible for local attackers to escalate privileges. This issue is due to unsafe use of the system function to invoke other programs. This...

QNX - .Phgrafx File Enumeration

QNX - .Phgrafx File Enumeration source: www.securityfocus.com/bid/66098/info QNX Phgrafx is prone to a file-enumeration weakness. An attacker can exploit this issue to enumerate the files present in the system's root directory; this may aid in further attacks. QNX 6.5.0 SP1, 6.5.0, 6.4.1, 6.3.0,...

QNX 6.x phgrafx File Enumeration

QNX 6.x phgrafx file enumeration vulnerability by cenobyte 2013 - vulnerability description: QNX setuid root /usr/photon/bin/phgrafx allows any non-root user to enumerate files and directories due to opendir messages. - vulnerable platforms: QNX 6.5.0SP1 QNX 6.5.0 QNX 6.4.1 QNX 6.3.0 QNX 6.2.0 -...

QNX - '.Phgrafx' File Enumeration

source: www.securityfocus.com/bid/66098/info QNX Phgrafx is prone to a file-enumeration weakness. An attacker can exploit this issue to enumerate the files present in the system's root directory; this may aid in further attacks. QNX 6.5.0 SP1, 6.5.0, 6.4.1, 6.3.0, and 6.2.0 are vulnerable; other...

Stack overflow

Stack-based buffer overflow in phgrafx in QNX Momentics aka RTOS 6.3.2 and earlier allows local users to gain privileges via a long .pal filename in palette/...

CVE-2008-3024

CVE-2008-3024 describes a stack-based buffer overflow in the phgrafx component of QNX Momentics (RTOS) 6.3.2 and earlier. The overflow is triggered by a long *.pal filename in the palette/ path, allowing local users to gain privileges. The vulnerability is local and does not indicate network acce...

QNX phgrafx privilege escalation

suid root utility buffer overflow on .pal files parsing...

[SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability

QNX phgrafx Privilege Escalation Vulnerability Scanit R&D Labs Security Advisory http://www.scanit.net/rd/advisories/ Jun 30, 2008 Filename: SCANIT-2008-001.txt SCANIT ID: SCANIT-2008-001 Published: June 30th, 2008 I. Summary QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating...

QNX Neutrino RTOS phgrafx本地栈溢出漏洞

BUGTRAQ ID: 30024 QNX Neutrino RTOS是嵌入系统中所使用的实时操作系统。 QNX RTOS的/usr/photon/bin/phgrafx文件没有正确地处理PHOTONPATH/palette/.pal文件，如果用户在palette目录中创建了文件名大于285字符的.pal扩展名的话，就会触发栈溢出，允许攻击者完全控制程序流。 QNX Neutrino RTOS 6.3.2 QNX Neutrino RTOS 6.3.0 QNX --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow

source: https://www.securityfocus.com/bid/30024/info QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility. Attackers can exploit this issue to execute arbitrary cod...

QNX RTOS 6.3.0 (phgrafx) Local Buffer Overflow Exploit (x86)

No description provided by source. / [email protected] c 2005, all rights reserved. sample exploit for phgrafx on QNX 6.3.0 x86 tested on: QNX qnx 6.3.0 2004/04/29-21:23:19UTC x86pc x86 / include sys/types.h include stdio.h include stdlib.h include dlfcn.h include unistd.h include err.h...

phgrafx.txt

a buffer overflow vulnerability in the utility "phgrafx" included in the QNX Neutrino Realtime Operating System can potentially be exploited by malicious users to escalate their privileges by default the application is suid and owned by root. example: qnx$ uname -a; id QNX qnx 6.3.0...

CVE-2005-3928

Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument...

CVE-2005-3928

The CVE-2005-3928 issue affects QNX 6.2.1 and 6.3.0, where a buffer overflow in the phgrafx component is triggered by a long command line argument, allowing a local user to execute arbitrary code. The NVD entry lists a base score of 4.6 (MEDIUM) with local attack vector and no authentication. No ...

CVE-2005-3928

Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument...

QNX RTOS 6.3.0 (phgrafx) Local Buffer Overflow Exploit (x86)

Exploit for QNX platform in category local exploits ============================================================ QNX RTOS 6.3.0 phgrafx Local Buffer Overflow Exploit x86 ============================================================ / email protected c 2005, all rights reserved. sample exploit for...

QNX RTOS 6.3.0 (x86) - 'phgrafx' Local Buffer Overflow

/ [email protected] c 2005, all rights reserved. sample exploit for phgrafx on QNX 6.3.0 x86 tested on: QNX qnx 6.3.0 2004/04/29-21:23:19UTC x86pc x86 / include include include include include include ifndef PATH define PATH "/usr/photon/bin/phgrafx" endif ifndef RETINIT define RETINIT 86...