Description
QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while operating at raised privileges, which allows local users to gain privileges by modifying the PATH to point to a malicious cp program.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by Texonet · textlocallinux
https://www.exploit-db.com/exploits/22002
References (5)
Core 5
Core References
Third Party Advisory mailing-list
x_refsource_vulnwatch
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0066.html
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103679043232178&w=2
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/6146
Exploit, Patch, Vendor Advisory x_refsource_misc
http://www.idefense.com/advisory/11.08.02b.txt
Vendor Advisory vdb-entry
x_refsource_xf
http://www.iss.net/security_center/static/10564.php
Scores
EPSS
0.0040
EPSS Percentile
60.6%
Details
Status
published
Products (1)
qnx/rtos
6.2.0
Published
Nov 12, 2002
Tracked Since
Feb 18, 2026