Vulnerability Description
Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command.
CVSS Score
10.0
HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Qnx | Rtp | 6.1 |
References
- http://marc.info/?l=bugtraq&m=109511327005476&w=2
- http://secunia.com/advisories/12533Vendor Advisory
- http://www.rfdslabs.com.br/qnx-advs-04-2004.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17347
- http://marc.info/?l=bugtraq&m=109511327005476&w=2
- http://secunia.com/advisories/12533Vendor Advisory
- http://www.rfdslabs.com.br/qnx-advs-04-2004.txt
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17347
FAQ
What is CVE-2004-1682?
CVE-2004-1682 is a vulnerability with a CVSS score of 10.0 (HIGH). Format string vulnerability in QNX 6.1 FTP client allows remote authenticated users to gain group bin privileges via format string specifiers in the QUOTE command.
How severe is CVE-2004-1682?
CVE-2004-1682 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2004-1682?
Check the references section above for vendor advisories and patch information. Affected products include: Qnx Rtp.