Описание
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.
Ссылки
- Exploit
- Third Party AdvisoryUS Government Resource
- Exploit
- Exploit
- Third Party AdvisoryUS Government Resource
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:qnx:rtos:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.1.0a:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.2.1a:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.2.1b:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtp:6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 49%
0.0026
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.
EPSS
Процентиль: 49%
0.0026
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other