exploit the possibilities
Showing 1 - 25 of 48 RSS Feed

Files

QNX QCONN Remote Command Execution
Posted Sep 26, 2012
Authored by Mor!p3r

QNX version 6.5.0 with QCONN version 1.4.207944 suffers from a remote command execution vulnerability.

tags | exploit, remote
MD5 | 28c8422604e9dbe2ec3bdd11314dd43c

Related Files

ifwatchd Privilege Escalation
Posted Oct 8, 2018
Authored by Tim Brown, Brendan Coles, cenobyte | Site metasploit.com

This Metasploit module attempts to gain root privileges on QNX 6.4.x and 6.5.x systems by exploiting the ifwatchd suid executable. ifwatchd allows users to specify scripts to execute using the '-A' command line argument; however, it does not drop privileges when executing user-supplied scripts, resulting in execution of arbitrary commands as root. This Metasploit module has been tested successfully on QNX Neutrino 6.5.0 (x86) and 6.5.0 SP1 (x86).

tags | exploit, arbitrary, x86, root
advisories | CVE-2014-2533
MD5 | 7a562f56fafb417de6cf725f6b38c71d
QNX Neutrino RTOS 6.5.0 Privilege Escalation
Posted Mar 13, 2014
Authored by Tim Brown | Site nth-dimension.org.uk

QNX Neutrino RTOS version 6.5.0 suffers from multiple privilege escalation vulnerabilities.

tags | exploit, vulnerability
MD5 | 3748b8804887238b5f64b6871cf8ee63
QNX 6.4.x / 6.5.x /etc/shadow Disclosure
Posted Mar 10, 2014
Authored by cenobyte

QNX versions 6.4.x and 6.5.x suffer from a ppoectl vulnerability that allows for disclosure of /etc/shadow.

tags | exploit, info disclosure
MD5 | 22443ed5c49330d6954b168938571792
QNX 6.5.0 x86 phfont Buffer Overflow
Posted Mar 10, 2014
Authored by cenobyte

QNX version 6.5.0 local root exploit that leverages a buffer overflow in /usr/photon/bin/phfont.

tags | exploit, overflow, local, root
MD5 | c622cb89628b18bd06acac00a54aebd1
QNX 6.5.0 x86 io-graphics Buffer Overflow
Posted Mar 10, 2014
Authored by cenobyte

QNX version 6.5.0 x86 io-graphics local root exploit that leverages a buffer overflow vulnerability.

tags | exploit, overflow, x86, local, root
MD5 | e96f523966a9c8f8ecbc41009ab3027f
QNX 6.4.x / 6.5.x ifwatchd Local Root
Posted Mar 10, 2014
Authored by cenobyte

QNX versions 6.4.x and 6.5.x ifwatchd local root exploit.

tags | exploit, local, root
MD5 | 246ae1fba6336a6e1204bea4db303fe5
QNX 6.x Photon Denial Of Service / File Overwrite
Posted Mar 10, 2014
Authored by cenobyte

QNX version 6.x Photon functionality allows for an arbitrary file overwrite with root level privileges allowing for denial of service and privilege escalation for a local user.

tags | exploit, denial of service, arbitrary, local, root
MD5 | 3e5fa1f9c482c4ed2a0e34d54214ff3c
QNX 6.x phfont Enumeration
Posted Mar 10, 2014
Authored by cenobyte

QNX version 6.x suffers from an enumeration vulnerability using the setuid /usr/photon/bin/phfont binary.

tags | exploit
MD5 | 109a251e480dd502cd7c0d3d808f30e0
QNX 6.x phgrafx File Enumeration
Posted Mar 10, 2014
Authored by cenobyte

QNX version 6.x suffers from a file enumeration vulnerability that leverages the setuid /usr/photon/bin/phgrafx binary.

tags | exploit
MD5 | db62222eb859b41cc83f2d6a55169e45
QNX QCONN Remote Command Execution
Posted Oct 5, 2012
Authored by David Odell | Site metasploit.com

This Metasploit module exploits a vulnerability in the qconn component of QNX Neutrino which can be abused to allow unauthenticated users to execute arbitrary commands under the context of the 'root' user.

tags | exploit, arbitrary, root
MD5 | 5e32b032fe2d358a064a90b9d74409d0
QNX phrelay/phindows/phditto Overflows
Posted May 11, 2012
Authored by Luigi Auriemma | Site aluigi.org

QNX phrelay/phindows/phditto suffer from bpe_decompress stack overflow and Photon Session buffer overflow vulnerabilities. Proof of concept test code included.

tags | exploit, overflow, vulnerability, proof of concept
systems | linux
MD5 | 8bdbe35c922a2d77f278a277d57eda29
libdvdcss 1.2.11
Posted Nov 16, 2011
Site videolan.org

libdvdcss is a cross-platform library for transparent DVD device access with on-the-fly CSS decryption. It currently runs under Linux, FreeBSD, NetBSD, OpenBSD, BSD/OS, Solaris, BeOS, Win95/Win98, Win2k/WinXP, MacOS X, HP-UX, QNX, and OS/2. It is used by libdvdread and most DVD players such as VLC because of its portability and because, unlike similar libraries, it does not require your DVD drive to be region locked.

Changes: This release improves RPC-II drive handling and contains a more robust keys retrieval mode. It also introduces fixes for MingW and OS/2 compilation, and has various bugfixes for small issues, memory leaks, crashes, and build issues.
tags | library
systems | linux, netbsd, windows, 2k, 9x, unix, solaris, freebsd, bsd, openbsd, hpux, beos, osx, xp
MD5 | 048134d398b4372a21ae304b9a9fa70b
QNX Neutrino RTOS Runtime Linker Arbitrary File Creation
Posted Mar 11, 2011
Authored by Tim Brown

The QNX Neutrino RTOS runtime linker allows the creation or overwriting of an arbitrary file. Moreover the technique by which this can be achieved can be triggered even where the binary being executed is setUID and is running as another user. Version 6.5.0 is affected.

tags | advisory, arbitrary
MD5 | 3dae88e996eb5247a05bf4dd05567abf
QNX 6.4.0 ELF Binary Kernel Panic Exploit
Posted Jan 21, 2009
Authored by Knud Erik Hojgaard

QNX version 6.4.0 bitflipped ELF binary kernel panic exploit.

tags | exploit, kernel
MD5 | 8cd7ec18a224bf2f0c7c1a6fe0125e97
Secunia Security Advisory 30808
Posted Jul 2, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Scanit Labs has reported a vulnerability in QNX Momentics, which can be exploited by malicious, local users to gain escalated privileges.

tags | advisory, local
MD5 | daac11f70965f476a3bc02327868bed7
SCANIT-2008-001.txt
Posted Jul 1, 2008
Authored by Rodrigo Rubira Branco, Filipe Balestra | Site scanit.net

QNX RTOS phgrafx version 6.3.2 and 6.3.0 suffer from a privilege escalation vulnerability.

tags | advisory
MD5 | 30766d2dfe2702bf77bc2e784af435fd
DSR-QNX6.2.1-phfont.sh.txt
Posted Feb 10, 2006
Authored by Knud Erik Hojgaard | Site lort.dk

Local root exploit for QNX Neutrino RTOS's phfont command. Affects QNX Neutrino RTOS version 6.2.1. Earlier versions may also be susceptible.

tags | exploit, local, root
MD5 | 671f10313114f264e395db3183a96069
Secunia Security Advisory 18750
Posted Feb 9, 2006
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in QNX Neutrino RTOS, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or gain escalated privileges.

tags | advisory, denial of service, local, vulnerability
MD5 | 58ee56585bff4c68235346a6dcdc1112
iDEFENSE Security Advisory 2006-02-07.7
Posted Feb 8, 2006
Authored by Texonet, iDefense Labs | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'passwd' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'passwd'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.

tags | advisory, overflow, local, root, vulnerability
MD5 | 5f12d0b59a4332564f7ed6f236088883
iDEFENSE Security Advisory 2006-02-07.6
Posted Feb 8, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a design vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to execute arbitrary commands with root privileges. The problem specifically exists because QNX RTOS 6.3.0 ships with world writable permissions on the file /etc/rc.d/rc.local. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.

tags | advisory, arbitrary, local, root
MD5 | 5159b61548c532863f51b5a32633c3f9
iDEFENSE Security Advisory 2006-02-07.5
Posted Feb 8, 2006
Authored by iDefense Labs | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a denial of service vulnerability in QNX Software Systems QNX Realtime Operating System (RTOS) allows attackers to crash the operating system. iDefense has confirmed the existence of this vulnerability in QNX RTOS version 6.3.0. Version 6.0 was also tested and found to not be vulnerable.

tags | advisory, denial of service, local
MD5 | a74427fdc0caa66182fbf13005ce4b41
iDEFENSE Security Advisory 2006-02-07.4
Posted Feb 8, 2006
Authored by Texonet, iDefense Labs | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'su' command allows attackers to gain root privileges. The problem specifically exists in the parsing of a long string passed as the first argument to the set user id (setuid) binary 'su'. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.0. Earlier versions are suspected to be susceptible to exploitation as well.

tags | advisory, overflow, local, root, vulnerability
MD5 | 4b68bb38a3931b8a9961642e65081d8d
iDEFENSE Security Advisory 2006-02-07.3
Posted Feb 8, 2006
Authored by iDefense Labs, Knud Hojgaard | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a buffer overflow in QNX Neutrino RTOS's (QNX) 'phgrafx' command allows attackers to gain root privileges. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are suspected to be susceptible to exploitation as well.

tags | advisory, overflow, local, root, vulnerability
MD5 | 0a6b5c3a37e249f27172383d9db37d35
iDEFENSE Security Advisory 2006-02-07.2
Posted Feb 8, 2006
Authored by iDefense Labs, Knud Hojgaard | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a race condition vulnerability in QNX Neutrino RTOS's (QNX) phfont command allows attackers to gain root privileges. QNX Neutrino RTOS is a real-time operating system designed for use in embedded systems. The problem specifically exists because phfont spawns another command, phfontphf, without proper sanity checking. iDefense has confirmed the existence of these vulnerabilities in QNX Neutrino RTOS version 6.2.1. Earlier versions are also suspected to be susceptible to exploitation.

tags | advisory, local, root, vulnerability
MD5 | e0bc6779d4f1d17549b26c4a6809691a
iDEFENSE Security Advisory 2006-02-07.1
Posted Feb 8, 2006
Authored by iDefense Labs, Filipe Balestra | Site idefense.com

iDefense Security Advisory 02.07.06 - Local exploitation of a stack-based buffer overflow vulnerability in QNX Inc.'s Neutrino RTOS Operating System allows local attackers to gain root privileges. The vulnerability specifically exists due to improper handling of environment variables in the libph system library. iDefense has confirmed the existence of this vulnerability on QNX Neutrino RTOS 6.3.0. All versions are suspected vulnerable.

tags | advisory, overflow, local, root
MD5 | 94a5cddb5df520fc5e6adc3c707d9a0d
Page 1 of 2
Back12Next

File Archive:

October 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    16 Files
  • 2
    Oct 2nd
    1 Files
  • 3
    Oct 3rd
    1 Files
  • 4
    Oct 4th
    24 Files
  • 5
    Oct 5th
    24 Files
  • 6
    Oct 6th
    11 Files
  • 7
    Oct 7th
    14 Files
  • 8
    Oct 8th
    19 Files
  • 9
    Oct 9th
    1 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    7 Files
  • 12
    Oct 12th
    15 Files
  • 13
    Oct 13th
    26 Files
  • 14
    Oct 14th
    10 Files
  • 15
    Oct 15th
    6 Files
  • 16
    Oct 16th
    2 Files
  • 17
    Oct 17th
    1 Files
  • 18
    Oct 18th
    14 Files
  • 19
    Oct 19th
    15 Files
  • 20
    Oct 20th
    20 Files
  • 21
    Oct 21st
    12 Files
  • 22
    Oct 22nd
    14 Files
  • 23
    Oct 23rd
    3 Files
  • 24
    Oct 24th
    1 Files
  • 25
    Oct 25th
    33 Files
  • 26
    Oct 26th
    27 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close