Published: 31/12/2002 Updated: 10/09/2008

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Multiple buffer overflows in realtime operating system (RTOS) 6.1.0 allows local users to execute arbitrary code via (1) a long ABLANG environment variable in phlocale or (2) a long -u option to pkg-installer.

Vulnerable Product	Search on Vulmon	Subscribe to Product
qnx rtos 6.1.0

/* source: wwwsecurityfocuscom/bid/4918/info It has been reported that the pkg-installer utility for QNX is vulnerable to a buffer overflow condition The vulnerability is a result of an unbounded string copy of the argument to the "-U" commandline option of pkg-installer to a local buffer */ /* Quick and dirty QNX pkg-installer root ...

/* source: wwwsecurityfocuscom/bid/4917/info The QNX phlocale utility is prone to an exploitable buffer overflow condition This is due to insufficient bounds checking of the ABLANG environment variable Exploitation of this issue may result in execution of arbitrary attacker-supplied instructions as root */ /* QNX phlocale $ABLANG exp ...

NVD-CWE-Other http://online.securityfocus.com/archive/1/275218 http://www.securityfocus.com/bid/4917 http://www.iss.net/security_center/static/9258.php http://www.iss.net/security_center/static/9259.php http://www.securityfocus.com/bid/4918 https://nvd.nist.gov https://www.exploit-db.com/exploits/21506/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-2041

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect