6 matches found
EUVD-2005-4077
Malware in sbrugna...
QSSL QNX 4.25 A crypt() Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1114/info A design error in the operation of the crypt3 function exists in QNX, from QNX System Software, Limited QSSL. The flaw allows the recovery of passwords from the hashes. On most Unix variants, crypt3 is based on ...
QNX 4.25 suided dhcp.client binary
Hello all, I recently got a QNX 4.25 vmware image and i found that the dhcp.client shipped with it is suided. This obviously enables a normal user to control the NIC's configuration and produce some other attacks eg: if the system has some services which depend on 'host/ip based' authentication...
CVE-2002-1633
Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to 1 sample, 2 ex, 3 du, 4 find, 5 lex, 6 mkdir, 7 rm, 8 serserv, 9 tcpserv, 10 termdef, 11 time, 12 unzip, 13 use, 14 wcc, 15 wcc386, 16 wd, 17 wdisasm, 18 which, 19 wlib, 20...
CVE-2002-1633
CVE-2002-1633 : In QNX 4.25, multiple buffer overflows in various utilities (e.g., sample, ex, du, find, lex, mkdir, rm, serserv, tcpserv, termdef, time, unzip, use, wcc, wlink, wpp, write, etc.) may allow a local user to execute arbitrary code via long command line arguments. The description spe...
CVE-2002-1633
Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to 1 sample, 2 ex, 3 du, 4 find, 5 lex, 6 mkdir, 7 rm, 8 serserv, 9 tcpserv, 10 termdef, 11 time, 12 unzip, 13 use, 14 wcc, 15 wcc386, 16 wd, 17 wdisasm, 18 which, 19 wlib, 20...