header-logo
Suggest Exploit
vendor:
Real-Time Operating System
by:
SecurityFocus
7.5
CVSS
HIGH
Arbitrary File Access
264
CWE
Product Name: Real-Time Operating System
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

QNX Real-Time Operating System Arbitrary File Access Vulnerability

It has been reported that an unauthorized user may access arbitrary files on QNX Real-Time Operating System by requesting the file through the location that the FAT partition is mounted to. Accessing files in this manner ignores all permissions set by the operating system.

Mitigation:

Ensure that all files are properly secured and that only authorized users have access to them.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6751/info

A vulnerability has been discovered in QNX Real-Time Operating System. It has been reported that an unauthorized user may access arbitrary files. This is possible by requesting the file through the location that the FAT partition is mounted to. Accessing files in this manner ignores all permissions set by the operating system.

example: cat /fs-dos/linux/etc/shadow

Navigation

Suggest Exploit

Services By CQR