Exploit QNX RTOS 4.25 - monitor Arbitrary File Modification

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
21500
Проверка EDB
  1. Пройдено
Автор
SIMON OUELLETTE
Тип уязвимости
LOCAL
Платформа
LINUX
CVE
cve-2002-0793
Дата публикации
2002-05-31
Код:
source: https://www.securityfocus.com/bid/4902/info

The QNX RTOS monitor utility is prone to an issue which may allow local attackers to modify arbitrary system files (such as /etc/passwd). monitor is installed setuid root by default.

The monitor -f command line option may be used by a local attacker to cause an arbitrary system file to be overwritten. Once overwritten, the attacker will gain ownership of the file.

monitor -f /etc/passwd
 
Источник
www.exploit-db.com

Похожие темы