Lucene search
K

5 matches found

CVE
CVE
added 2005/02/20 5:0 a.m.58 views

CVE-2004-1682

The CVE-2004-1682 entry concerns the QNX 6.1 FTP client, where a format string vulnerability in the QUOTE command can allow remote authenticated users to obtain group bin privileges. The root cause is improper handling of format specifiers in QUOTE, enabling privilege escalation. The provided doc...

10CVSS6.9AI score0.0247EPSS
CVE
CVE
added 2005/02/06 5:0 a.m.50 views

CVE-2004-1391

The CVE-2004-1391 entry concerns the PPPoE daemon (PPPoEd) in QNX RTP 6.1, where an untrusted execution path allows local users to execute arbitrary programs by manipulating the PATH environment variable to reference a malicious mount program. This describes a local-privilege problem rooted in PA...

4.6CVSS7.4AI score0.00561EPSS
CVE
CVE
added 2005/02/06 5:0 a.m.48 views

CVE-2004-1390

CVE-2004-1390 affects the PPPoE daemon (PPPoEd) in QNX RTP 6.1 . The issue is described as multiple buffer overflows in PPPoEd that allow a remote attacker to execute arbitrary code by supplying a long argument to any of the flags: -F, name, en, upscript, downscript, retries, timeout, scriptdetac...

10CVSS8.2AI score0.0734EPSS
CVE
CVE
added 2001/04/04 4:0 a.m.46 views

CVE-2001-0325

CVE-2001-0325 affects QNX RTP 5.60. The vulnerability is a buffer/stack overflow in parsing arguments to the stat command (also described as a strtok()-related overflow in the FTP stat handling), allowing a remote attacker to cause a denial of service and potentially execute arbitrary code. Conne...

7.5CVSS7.8AI score0.02144EPSS
CVE
CVE
added 2005/02/20 5:0 a.m.46 views

CVE-2004-1681

CVE-2004-1681 affects QNX Photon microGUI on QNX RTP 6.1. Affected components are phrelay-cfg, phlocale, pkg-installer, and input-cfg, with multiple buffer overflows described as enabling local privilege escalation through an overly long -s (server) command line parameter. The vulnerability is lo...

7.2CVSS7.3AI score0.01055EPSS