QNX PPPoEd contains a buffer overflow that may allow an attacker to execute arbitrary commands.
QNX is an RTOS (Real-time Operating System). QNX is used in many different devices and industries, including, but not limited to
The pppoed command is used to start the PPPoEd daemon which provides Point-to-Point Protocol over Ethernet (PPPoE) connections on QNX systems. The syntax of the PPPoEd command is
pppoed [options] [suboptions]
where [options] are user-supplied command-line parameters. A lack of bounds checking on the user-supplied options may allow a buffer overflow to occur. According to some reports, the following command-line options contain this vulnerability:
However, other options may also contain this vulnerability,
An attacker may be able to execute arbitrary commands with elevated privileges or cause a denial-of-service condition.
We are currently unaware of a practical solution to this problem.
Limit Access to PPPoEd
This vulnerability was publicly reported by Julio Cesar Fort.
This document was written by Jeff Gennari.
|Date First Published:||2005-02-01|
|Date Last Updated:||2005-02-03 16:54 UTC|