CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-1391

Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 41.6%

CVSS Severity

CVSS v2 Score 4.6

References

http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0155.html
http://www.kb.cert.org/vuls/id/577566
http://www.osvdb.org/9661
http://www.rfdslabs.com.br/qnx-advs-01-2004.txt
http://www.securityfocus.com/bid/11105
https://exchange.xforce.ibmcloud.com/vulnerabilities/17284
http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0155.html
http://www.kb.cert.org/vuls/id/577566
http://www.osvdb.org/9661
http://www.rfdslabs.com.br/qnx-advs-01-2004.txt
http://www.securityfocus.com/bid/11105
https://exchange.xforce.ibmcloud.com/vulnerabilities/17284

Products affected by CVE-2004-1391

Qnx » Rtos » Version: 6.1.0

cpe:2.3:a:qnx:rtos:6.1.0
Qnx » Rtos » Version: 6.1.0a

cpe:2.3:a:qnx:rtos:6.1.0a
Qnx » Rtos » Version: 6.2.0

cpe:2.3:a:qnx:rtos:6.2.0
Qnx » Rtos » Version: 6.2.1a

cpe:2.3:a:qnx:rtos:6.2.1a
Qnx » Rtos » Version: 6.2.1b

cpe:2.3:a:qnx:rtos:6.2.1b
Qnx » Rtos » Version: 6.3.0

cpe:2.3:a:qnx:rtos:6.3.0
Qnx » Rtp » Version: 6.1

cpe:2.3:a:qnx:rtp:6.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-1391

Products

Pricing

Contact Us