Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0623

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2006-0623
Last Modified 07 Mar 2011 09:30:27
Published 08 Feb 2006 09:02:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2006-0623

Summary

QNX Neutrino RTOS 6.3.0 ships /etc/rc.d/rc.local with world-writable permissions, which allows local users to modify the file and execute arbitrary code at system startup.

Vulnerable Systems

Application

  • Qnx Rtos 6.3.0


References

VUPEN - ADV-2006-0474

IDEFENSE - 20060207 QNX RTOS 6.3.0 rc.local Insecure File Permissions Vulnerability

SECUNIA - 18750

XF - qnx-rclocal-root-privileges(24552)

BID - 16539

OSVDB - 22958

SECTRACK - 1015598


Last Updated: 27 May 2016 10:41:44