Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/bugtraq/2002-05/0292.html | Broken Link Exploit Vendor Advisory |
http://www.iss.net/security_center/static/9231.php | Broken Link Patch Vendor Advisory |
http://www.securityfocus.com/bid/4901 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/4902 | Broken Link Exploit Patch Third Party Advisory VDB Entry Vendor Advisory |
http://www.securityfocus.com/bid/4903 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/4904 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/9232 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/9233 | Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/9234 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
26 Jan 2024, 17:18
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 4.6
v3 : 5.5 |
CPE | cpe:2.3:o:blackberry:qnx_neutrino_real-time_operating_system:4.25:*:*:*:*:*:*:* | |
CWE | CWE-59 | |
First Time |
Blackberry
Blackberry qnx Neutrino Real-time Operating System |
|
References | (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2002-05/0292.html - Broken Link, Exploit, Vendor Advisory | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/9233 - Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/4902 - Broken Link, Exploit, Patch, Third Party Advisory, VDB Entry, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/4903 - Broken Link, Third Party Advisory, VDB Entry | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/9234 - Third Party Advisory, VDB Entry | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/9232 - Third Party Advisory, VDB Entry | |
References | (BID) http://www.securityfocus.com/bid/4904 - Broken Link, Third Party Advisory, VDB Entry | |
References | (XF) http://www.iss.net/security_center/static/9231.php - Broken Link, Patch, Vendor Advisory | |
References | (BID) http://www.securityfocus.com/bid/4901 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2002-08-12 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2002-0793
Mitre link : CVE-2002-0793
CVE.ORG link : CVE-2002-0793
JSON object : View
Products Affected
blackberry
- qnx_neutrino_real-time_operating_system
CWE
CWE-59
Improper Link Resolution Before File Access ('Link Following')