返回 CVE 浏览器

CVE-2004-1390

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0180%

EPSS Percentile14.56th

Published2004年12月31日

Last Modified2026年4月16日

Vulnerability Description

Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remote_mac, or (12) local_mac flags.

Affected Platforms (CPE)

📦

Qnx

Rtos

= 2.4

📦

Qnx

Rtos

= 4.25

📦

Qnx

Rtos

= 6.1.0

📦

Qnx

Rtos

= 6.2.0

📦

Qnx

Rtos

= 6.2.0a

📦

Qnx

Rtp

= 6.1

References & Advisories

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0155.html

🔗 http://www.kb.cert.org/vuls/id/961686

🔗 http://www.rfdslabs.com.br/qnx-advs-01-2004.txt

🔗 http://www.securityfocus.com/bid/11104

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/17280

🔗 http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0155.html

🔗 http://www.kb.cert.org/vuls/id/961686

🔗 http://www.rfdslabs.com.br/qnx-advs-01-2004.txt

相关漏洞威胁

CVE-2018-10008009.8

zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can...

CVE-2019-77149.8

An issue was discovered in Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4. It allocates 60 bytes for the HTTP Authentication...

CVE-2019-77139.8

An issue was discovered in the Interpeak IPCOMShell TELNET server on Green Hills INTEGRITY RTOS 5.0.4. There is a heap-based buffe...

CVE-2020-19399.8

The Apache NuttX (Incubating) project provides an optional separate "apps" repository which contains various optional components a...