55 matches found
EUVD-2002-2021
Malware in sbrugna...
EUVD-2002-2099
Malware in sbrugna...
EUVD-2005-2726
Malware in sbrugna...
EUVD-2002-1962
Malware in sbrugna...
CVE-2002-2120
Multiple buffer overflows in QNX RTOS 4.25 may allow attackers to execute arbitrary code via long filename arguments to 1 Watcom or 2 int10...
BadAlloc Vulnerability Affecting BlackBerry QNX RTOS
Summary On August 17, 2021, BlackBerry publicly disclosed that its QNX Real Time Operating System RTOS is affected by a BadAlloc vulnerability—CVE-2021-22156. BadAlloc is a collection of vulnerabilities affecting multiple RTOSs and supporting libraries.1 A remote attacker could exploit...
QNX RTOS 6.1 phlocale Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4917/info The QNX phlocale utility is prone to an exploitable buffer overflow condition. This is due to insufficient bounds checking of the ABLANG environment variable. Exploitation of this issue may result in execution o...
QNX RTOS 4.25/6.1 phgrafxPrivilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4915/info The QNX phgrafx utility is prone to an issue which may make it possible for local attackers to escalate privileges. This issue is due to unsafe use of the system function to invoke other programs. This...
QNX RTOS 6.4 - Malformed ELF Binary File Local Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33352/info QNX RTOS is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause a kernel panic, denying service to legitimate users. QNX RTOS 6.4.0 is vulnerable; other versions may also...
QNX RTOS 4.25/6.1 phgrafx-startup Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4916/info The QNX phgrafx-startup utility is prone to an issue which may make it possible for local attackers to escalate privileges. This issue is due to unsafe use of the system function to invoke other programs. This...
QNX RTOS 4.25 CRTTrap File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place of th...
QNX RTOS 4.25 monitor Arbitrary File Modification Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4902/info The QNX RTOS monitor utility is prone to an issue which may allow local attackers to modify arbitrary system files such as /etc/passwd. monitor is installed setuid root by default. The monitor -f command line...
QNX RTOS 4.25/6.1 su Password Hash Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4914/info It has been reported that the 'su' utility for QNX RTOS accepts the SIGSEGV signal and dumps a world readable core file. An attacker is able to analyze the core file and obtain very sensitive information. It is...
QNX RTOS 6.1 PKG-Installer Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4918/info It has been reported that the pkg-installer utility for QNX is vulnerable to a buffer overflow condition. The vulnerability is a result of an unbounded string copy of the argument to the -U commandline option of...
QNX 6.x 'ptrace()' Arbitrary Process Modification Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attacker may exploit...
QNX RTOS 6.1/6.3 InputTrap Local Arbitrary File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14656/info QNX RTOS is susceptible to a local arbitrary file disclosure vulnerability. This issue is due to a failure of the 'inputtrap' utility to properly implement access control restrictions. This vulnerability allows...
QNX RTOS 4.25 dumper Arbitrary File Modification Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4904/info When creating memory dump files, the QNX RTOS debugging utility 'dumper' follows symbolic links. It also sets ownership of the file to the userid of the terminated process. It is possible for malicious local...
QNX RTOS 2.4 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6751/info A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that...
QNX RTOS 6.2 Application Packager Non-Explicit Path Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6146/info A vulnerability has been discovered in an application packager shipped with QNX RTOS. It should be noted that the vulnerable packager is installed setuid root by default. It has been reported that the packager...
QNX RTOS 6.4 - .ELF Binary File Local Denial of Service
QNX RTOS 6.4 - .ELF Binary File Local Denial of Service source: https://www.securityfocus.com/bid/33352/info QNX RTOS is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause a kernel panic, denying service to legitimate users. QNX RTOS 6.4.0 is vulnerable;...