18 matches found
CVE-2005-3928
The CVE-2005-3928 issue affects QNX 6.2.1 and 6.3.0, where a buffer overflow in the phgrafx component is triggered by a long command line argument, allowing a local user to execute arbitrary code. The NVD entry lists a base score of 4.6 (MEDIUM) with local attack vector and no authentication. No ...
CVE-2006-0623
CVE-2006-0623 is associated with QNX Neutrino RTOS 6.3.0. The vulnerability arises because /etc/rc.d/rc.local is shipped with world-writable permissions, allowing local users to modify the file and thereby execute arbitrary code at system startup. The connected records confirm the affected softwa...
CVE-2002-2039
In QNX RTOS versions 4.25 and 6.1.0, /bin/su allows local users to read sensitive information from core dump files by sending SIGSERV (invalid memory reference); impact is partial confidentiality. The description notes the local privilege/impact but does not provide exploitable details, affected ...
CVE-2002-2120
CVE-2002-2120 affects QNX RTOS 4.25. The vulnerability consists of multiple buffer overflows in the OS kernel/user interfaces that can be triggered by long filename arguments to (1) Watcom or (2) int10, potentially allowing arbitrary code execution. Public references likewise describe buffer over...
CVE-2005-1528
CVE-2005-1528 affects QNX Neutrino RTOS 6.2.1, where the crttrap command is vulnerable to untrusted search path issues. A local user can set LD_LIBRARY_PATH to point to a malicious library, which crttrap may load, leading to arbitrary code execution with root privileges because crttrap is install...
CVE-2002-2040
CVE-2002-2040 affects QNX RTOS versions 4.25 and 6.1.0, where the phrafx and phgrafx-startup programs fail to drop privileges before running the system command. This allows local users to execute arbitrary commands by manipulating the PATH to reference a malicious crttrap program. Impact is descr...
CVE-2004-1391
The CVE-2004-1391 entry concerns the PPPoE daemon (PPPoEd) in QNX RTP 6.1, where an untrusted execution path allows local users to execute arbitrary programs by manipulating the PATH environment variable to reference a malicious mount program. This describes a local-privilege problem rooted in PA...
CVE-2002-1983
CVE-2002-1983 affects QNX RTOS 6.1.0. The timer implementation is vulnerable: by creating multiple timers with a 1‑ms tick, local users can cause a denial of service (hang) and potentially execute arbitrary code. Impact described as local, with partial availability impact. No explicit remediation...
CVE-2002-2041
CVE-2002-2041 affects RTOS 6.1.0 due to multiple buffer overflows that let a local attacker execute arbitrary code. Exploitation vectors are (1) a long ABLANG environment variable in phlocale and (2) a long -u option to pkg-installer. CVSSv2 base score is 7.2 (HIGH); impact is complete confidenti...
CVE-2004-1390
CVE-2004-1390 affects the PPPoE daemon (PPPoEd) in QNX RTP 6.1 . The issue is described as multiple buffer overflows in PPPoEd that allow a remote attacker to execute arbitrary code by supplying a long argument to any of the flags: -F, name, en, upscript, downscript, retries, timeout, scriptdetac...
CVE-2006-0620
CVE-2006-0620 describes a race condition in the phfont component of QNX Neutrino RTOS 6.2.1. The flaw allows local users to execute arbitrary code through unspecified manipulations of the PHFONT and PHOTON2_PATH environment variables. Connected documents do not provide additional technical specif...
CVE-2006-0622
CVE-2006-0622 affects QNX Neutrino RTOS 6.3.0 . The vulnerability allows local users to cause a denial of service (hang) by supplying a command to gdb: specifically triggering with the string "break *0xb032d59f". The associated sources in the connected documents corroborate the page-level descrip...
CVE-2002-2042
CVE-2002-2042 affects the QNX RTOS, specifically versions 4.25 and 6.1.0, where the ptrace facility lets a program attach to privileged processes. This could enable a local user to modify running processes and potentially execute arbitrary code, constituting a local privilege escalation. The prov...
CVE-2002-2407
CVE-2002-2407 concerns QNX Neutrino RTOS 6.2.0 patches that incorrectly set insecure permissions on a set of binaries (e.g., /sbin/io-audio, /bin/shutdown, /sbin/fs-pkg, phshutdown, plus game binaries in pack 2.0.3). The issue enables local users to gain privileges by modifying these files before...
CVE-2006-0619
CVE-2006-0619 describes multiple stack-based buffer overflows in QNX Neutrino RTOS 6.3.0. Local users can execute arbitrary code by supplying overly long values in environment variables (ABLPATH, ABLANG in libAP.so.2 or PHOTON_PATH used by setitem in libph). The entry lists these vectors and affe...
CVE-2006-0621
CVE-2006-0621 describes multiple buffer overflows in QNX Neutrino RTOS 6.2.0 that allow a local user to execute arbitrary code by supplying a long first argument to the (1) su or (2) passwd commands. The issue stems from unsafe handling in those utilities, enabling local code execution with full ...
CVE-2002-1239
The CVE-2002-1239 issue affects QNX Neutrino RTOS 6.2.0 where a setuid root packager uses external commands without full paths, causing local privilege escalation by manipulating PATH to point to a malicious cp. The underlying problem is unvalidated PATH-based execution of external binaries, enab...
CVE-2005-2725
The CVE-2005-2725 entry concerns QNX RTOS: vulnerable component is the inputtrap utility, affected in versions including 6.1.0 and 6.3 (possibly earlier). The root cause is improper permission checks when the -t flag is used, enabling local users to read arbitrary files. Impact is limited to loca...