QNX RTOS 4.25 - 'CRTTrap' File Disclosure
| EKU-ID: 27005 | CVE: CVE-2002-0793;OSVDB-12217 | OSVDB-ID: |
| Author: Simon Ouellette | Published: 2002-05-31 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27005 | CVE: CVE-2002-0793;OSVDB-12217 | OSVDB-ID: |
| Author: Simon Ouellette | Published: 2002-05-31 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place of the configuration file and crttrap will disclose the contents of the arbitrary file. crttrap -c /etc/shadow