Phase:The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) and possibly execute arbitrary code by creating multiple timers with a 1-ms tick.
ReferencesBUGTRAQ:Wednesday, November 06, 2002 QNX 6.1 TimeCreate weakness | URL:http://online.securityfocus.com/archive/1/298689 | BID:6114 | URL:http://www.securityfocus.com/bid/6114 | XF:qnx-rtp-timer-dos(10550) | URL:http://xforce.iss.net/xforce/xfdb/10550
Votes:Assigned (Wednesday, June 29, 2005)
Comments:None (candidate not yet proposed)
F7: