Vulnerabilities > CVE-2005-2725 - Unspecified vulnerability in QNX Rtos 6.1.0/6.3.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN qnx
exploit available
Summary
The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.
Exploit-Db
| description | QNX RTOS 6.1/6.3 InputTrap Local Arbitrary File Disclosure Vulnerability. CVE-2005-2725. Local exploit for linux platform |
| id | EDB-ID:26195 |
| last seen | 2016-02-03 |
| modified | 2005-08-24 |
| published | 2005-08-24 |
| reporter | Julio Cesar Fort |
| source | https://www.exploit-db.com/download/26195/ |
| title | QNX RTOS 6.1/6.3 InputTrap Local Arbitrary File Disclosure Vulnerability |
References
- http://marc.info/?l=bugtraq&m=112490406301882&w=2
- http://marc.info/?l=bugtraq&m=112490406301882&w=2
- http://secunia.com/advisories/16569/
- http://secunia.com/advisories/16569/
- http://www.rfdslabs.com.br/advisories/qnx-advs-01-2005.txt
- http://www.rfdslabs.com.br/advisories/qnx-advs-01-2005.txt
- http://www.securityfocus.com/bid/14656
- http://www.securityfocus.com/bid/14656
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21969
- https://exchange.xforce.ibmcloud.com/vulnerabilities/21969