QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.
References
Configurations
History
20 Nov 2024, 23:40
Type | Values Removed | Values Added |
---|---|---|
References | () http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html - | |
References | () http://marc.info/?l=bugtraq&m=103679043232178&w=2 - | |
References | () http://www.idefense.com/advisory/11.08.02b.txt - Exploit, Patch, Vendor Advisory | |
References | () http://www.iss.net/security_center/static/10564.php - Vendor Advisory | |
References | () http://www.securityfocus.com/bid/6146 - |
Information
Published : 2002-11-12 05:00
Updated : 2024-11-20 23:40
NVD link : CVE-2002-1239
Mitre link : CVE-2002-1239
CVE.ORG link : CVE-2002-1239
JSON object : View
Products Affected
qnx
- rtos
CWE