The dhcp.client program for QNX 4.25 vmware is setuid, possibly by default, which allows local users to modify the NIC configuration and conduct other attacks.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Qnx | Qnx | 4.25 (including) | 4.25 (including) |
References
- http://secunia.com/advisories/17870
- http://www.securityfocus.com/archive/1/418513/100/0/threaded
- http://www.securityfocus.com/bid/15785
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23543
- http://secunia.com/advisories/17870
- http://www.securityfocus.com/archive/1/418513/100/0/threaded
- http://www.securityfocus.com/bid/15785
- https://exchange.xforce.ibmcloud.com/vulnerabilities/23543