Vulnerabilities > CVE-2005-1528 - Local Privilege Escalation and Denial Of Service vulnerability in QNX Rtos 6.2.1

047910
CVSS 7.2 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
low complexity
qnx
exploit available
NVD
Published: 2005-12-31
Updated: 2017-07-11

Summary

Untrusted search path vulnerability in the crttrap command in QNX Neutrino RTOS 6.2.1 allows local users to load arbitrary libraries via a LD_LIBRARY_PATH environment variable that references a malicious library.

Vulnerable Configurations

Part Description Count
Application
Qnx
1

Exploit-Db

descriptionQNX 6.2/6.3 Multiple Local Privilege Escalation and Denial Of Service Vulnerabilities. CVE-2005-1528. Local exploit for qnx platform
idEDB-ID:27168
last seen2016-02-03
modified2006-02-07
published2006-02-07
reporteranonymous
sourcehttps://www.exploit-db.com/download/27168/
titleQNX 6.2/6.3 - Multiple Local Privilege Escalation and Denial of Service Vulnerabilities

References