CVE Vulnerabilities

CVE-2004-1391

Published: Dec 31, 2004 | Modified: Jul 11, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
4.6 MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.

Affected Software

Name Vendor Start Version End Version
Rtos Qnx 6.1.0 6.1.0
Rtos Qnx 6.1.0a 6.1.0a
Rtos Qnx 6.2.0 6.2.0
Rtos Qnx 6.2.1a 6.2.1a
Rtos Qnx 6.2.1b 6.2.1b
Rtos Qnx 6.3.0 6.3.0
Rtp Qnx 6.1 6.1

References