vendor:
RTOS
by:
SecurityFocus
7.2
CVSS
HIGH
Local Arbitrary File Disclosure
264
CWE
Product Name: RTOS
Affected Version From: 6.1
Affected Version To: 6.3
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005
QNX RTOS Local Arbitrary File Disclosure Vulnerability
QNX RTOS is susceptible to a local arbitrary file disclosure vulnerability. This issue is due to a failure of the 'inputtrap' utility to properly implement access control restrictions. This vulnerability allows local malicious users to gain access to the contents of arbitrary files with superuser privileges, aiding them in further attacks.
Mitigation:
Ensure that access control restrictions are properly implemented for the 'inputtrap' utility.