[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20051203173339.scxughxz40gogc0w@webmail.fe.up.pt>
Date: Sat, 03 Dec 2005 17:33:39 +0000
From: lms@...up.pt
To: bugtraq@...urityfocus.com, Vuln@...irt.com,
full-disclosure@...ts.grok.org.uk
Subject: QNX 4.25 suided dhcp.client binary
Hello all,
I recently got a QNX 4.25 vmware image and i found that the dhcp.client shipped
with it is suided.
This obviously enables a normal user to control the NIC's configuration and
produce some other attacks (eg: if the system has some services which depend on
'host/ip based' authentication [NFS,NIS,rlogin, etc]).
Some vmware screenshots are available at:
http://lms.ispgaya.pt/goodies/qnx/
I havent got access to other QNX installations so, allthough the person who gave
me the image said the binary wasnt changed, can anybody else confirm this?
Best regards,
+---------------------------------
| Luís Miguel Ferreira da Silva
| Unidade de Qualidade e Segurança
| Centro de Informática
| Professor Correia Araújo
| Faculdade de Engenharia da
| Universidade do Porto
Content of type "application/pgp-keys" skipped
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists