CVE-2005-3928

QNX RTOS 6.2.1 and 6.3.0 - Buffer Overflow in phgrafx via Long Command Line Argument

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-3928. PoCs published by p. minervini.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in phgrafx on QNX 6.3.0 x86. It constructs a malicious buffer with NOP sleds, shellcode, and a return address override to execute arbitrary code via the system() function.

Description

Buffer overflow in phgrafx in QNX 6.2.1 and 6.3.0 allows local users to execute arbitrary code via a long command line argument.

Exploits (1)

exploitdb WORKING POC VERIFIED

by p. minervini · clocalqnx

https://www.exploit-db.com/exploits/1347

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in phgrafx on QNX 6.3.0 x86. It constructs a malicious buffer with NOP sleds, shellcode, and a return address override to execute arbitrary code via the system() function.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: phgrafx on QNX 6.3.0 x86

No auth needed

Prerequisites: QNX 6.3.0 x86 system with phgrafx installed · ability to execute the binary

MITRE ATT&CK