QNX Neutrino RTOS phgrafx本地栈溢出漏洞

BUGTRAQ ID: 30024 QNX Neutrino RTOS是嵌入系统中所使用的实时操作系统。 QNX RTOS的/usr/photon/bin/phgrafx文件没有正确地处理PHOTONPATH/palette/.pal文件，如果用户在palette目录中创建了文件名大于285字符的.pal扩展名的话，就会触发栈溢出，允许攻击者完全控制程序流。 QNX Neutrino RTOS 6.3.2 QNX Neutrino RTOS 6.3.0 QNX --- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

QNX Neutrino RTOS 6.3 - phgrafx Local Buffer Overflow

QNX Neutrino RTOS 6.3 - phgrafx Local Buffer Overflow source: https://www.securityfocus.com/bid/30024/info QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility...

Stack overflow

Multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0 allow local users to execute arbitrary code via long 1 ABLPATH or 2 ABLANG environment variables in the libAP library libAp.so.2 or 3 a long PHOTONPATH environment variable to the setitem function in the libph library...

[Full-disclosure] iDefense Security Advisory 02.07.06: QNX Neutrino RTOS libph PHOTON_PATH Buffer Overflow Vulnerability

QNX Neutrino RTOS libph PHOTONPATH Buffer Overflow Vulnerability iDefense Security Advisory 02.07.06 http://www.idefense.com/intelligence/vulnerabilities/display.php?id=382 February 7, 2006 I. BACKGROUND QNX Software Systems Ltd.'s Neutrino RTOS QNX is a real-time operating system designed for us...