Vulnerabilities > CVE-2002-1239 - Unspecified vulnerability in QNX Rtos 6.2.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN qnx
exploit available
Summary
QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.
Exploit-Db
| description | QNX RTOS 6.2 Application Packager Non-Explicit Path Execution Vulnerability. CVE-2002-1239. Local exploit for linux platform |
| id | EDB-ID:22002 |
| last seen | 2016-02-02 |
| modified | 2002-11-08 |
| published | 2002-11-08 |
| reporter | Texonet |
| source | https://www.exploit-db.com/download/22002/ |
| title | QNX RTOS 6.2 Application Packager Non-Explicit Path Execution Vulnerability |
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html
- http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html
- http://marc.info/?l=bugtraq&m=103679043232178&w=2
- http://marc.info/?l=bugtraq&m=103679043232178&w=2
- http://www.idefense.com/advisory/11.08.02b.txt
- http://www.idefense.com/advisory/11.08.02b.txt
- http://www.iss.net/security_center/static/10564.php
- http://www.iss.net/security_center/static/10564.php
- http://www.securityfocus.com/bid/6146
- http://www.securityfocus.com/bid/6146