Vulnerabilities > CVE-2006-0623 - Unspecified vulnerability in QNX Rtos 6.3.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN qnx
exploit available
Summary
QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup.
Exploit-Db
| description | QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit. CVE-2006-0623. Local exploit for qnx platform |
| id | EDB-ID:1481 |
| last seen | 2016-01-31 |
| modified | 2006-02-08 |
| published | 2006-02-08 |
| reporter | kokanin |
| source | https://www.exploit-db.com/download/1481/ |
| title | QNX RTOS 6.3.0 Insecure rc.local Permissions Plus System Crash Exploit |
References
- http://secunia.com/advisories/18750
- http://secunia.com/advisories/18750
- http://securitytracker.com/id?1015598
- http://securitytracker.com/id?1015598
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=387
- http://www.idefense.com/intelligence/vulnerabilities/display.php?id=387
- http://www.osvdb.org/22958
- http://www.osvdb.org/22958
- http://www.securityfocus.com/bid/16539
- http://www.securityfocus.com/bid/16539
- http://www.vupen.com/english/advisories/2006/0474
- http://www.vupen.com/english/advisories/2006/0474
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24552
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24552