CVE-2014-2534
First published: Tue Mar 18 2014(Updated: )
/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BlackBerry QNX Neutrino RTOS | =6.4.1 | |
| BlackBerry QNX Neutrino RTOS | =6.5.0 | |
| BlackBerry QNX Neutrino RTOS | =6.5.0-sp1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/softwarecombine
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/description
- agent/tags
- agent/first-publish-date
- agent/event
- vendor/blackberry
- canonical/blackberry qnx neutrino rtos
- version/blackberry qnx neutrino rtos/6.4.1
- version/blackberry qnx neutrino rtos/6.5.0
- version/blackberry qnx neutrino rtos/6.5.0-sp1