Описание
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.
Ссылки
- Exploit
- Third Party AdvisoryUS Government Resource
- Exploit
- Exploit
- Third Party AdvisoryUS Government Resource
- Exploit
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:qnx:rtos:6.1.0:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.1.0a:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.2.0:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.2.1a:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.2.1b:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtos:6.3.0:*:*:*:*:*:*:*
cpe:2.3:a:qnx:rtp:6.1:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00191
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.
EPSS
Процентиль: 41%
0.00191
Низкий
4.6 Medium
CVSS2
Дефекты
NVD-CWE-Other