Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2725

Overview

Vulnerability Score 2.1 2.1
CVE Id CVE-2005-2725
Last Modified 05 Sep 2008 04:52:32
Published 30 Aug 2005 07:45:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2005-2725

Summary

The inputtrap utility in QNX RTOS 6.1.0, 6.3, and possibly earlier versions does not properly check permissions when the -t flag is specified, which allows local users to read arbitrary files.

Vulnerable Systems

Application

  • Qnx Rtos 6.1.0

  • Qnx Rtos 6.3.0


References

XF - qnx-inputtrap-obtain-information(21969)

BID - 14656

MISC - http://www.rfdslabs.com.br/advisories/qnx-advs-01-2005.txt

SECUNIA - 16569

BUGTRAQ - 20050824 [RLSA_01-2005] QNX inputtrap arbitrary file read vulnerability


Last Updated: 27 May 2016 10:40:37