The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.
References
| Link | Resource |
|---|---|
| http://marc.info/?l=bugtraq&m=112490406301882&w=2 | |
| http://secunia.com/advisories/16569/ | Exploit Vendor Advisory |
| http://www.rfdslabs.com.br/advisories/qnx-advs-01-2005.txt | Exploit Vendor Advisory |
| http://www.securityfocus.com/bid/14656 | Exploit |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/21969 | |
| http://marc.info/?l=bugtraq&m=112490406301882&w=2 | |
| http://secunia.com/advisories/16569/ | Exploit Vendor Advisory |
| http://www.rfdslabs.com.br/advisories/qnx-advs-01-2005.txt | Exploit Vendor Advisory |
| http://www.securityfocus.com/bid/14656 | Exploit |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/21969 |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 00:00
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://marc.info/?l=bugtraq&m=112490406301882&w=2 - | |
| References | () http://secunia.com/advisories/16569/ - Exploit, Vendor Advisory | |
| References | () http://www.rfdslabs.com.br/advisories/qnx-advs-01-2005.txt - Exploit, Vendor Advisory | |
| References | () http://www.securityfocus.com/bid/14656 - Exploit | |
| References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/21969 - |
Information
Published : 2005-08-30 11:45
Updated : 2024-11-21 00:00
NVD link : CVE-2005-2725
Mitre link : CVE-2005-2725
CVE.ORG link : CVE-2005-2725
JSON object : View
Products Affected
qnx
- rtos
CWE