Back to search
CVE-2004-1391
Published: Feb 6, 2005
Modified: Aug 8, 2024
PUBLISHED
Description
Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.rfdslabs.com.br/qnx-advs-01-2004.txt
x_refsource_MISC
11105
vdb-entry
x_refsource_BID
9661
vdb-entry
x_refsource_OSVDB
qnx-rtp-mount-command-execute(17284)
vdb-entry
x_refsource_XF
20040903 [RLSA_01-2004] QNX PPPoEd local root vulnerabilities
mailing-list
x_refsource_FULLDISC
VU#577566
third-party-advisory
x_refsource_CERT-VN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now