crttrap software vulnerabilities
vulnerabilities.aspcode.net
Searching crttrap software vulnerabilities
Hard link and possibly symbolic link following
vulnerabilities
|
following
|
symbolic
|
possibly
|
RTOS
|
Hard
|
link
|
QNX
|
Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.
The (1) phrafx and (2) phgrafx-startup programs
The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.
Software vulnerabilities results 1 to 3 of 3
Page:
1