CVE-2004-1391 Information

Description

Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-09/0155.html http://www.kb.cert.org/vuls/id/577566 http://www.osvdb.org/9661 http://www.rfdslabs.com.br/qnx-advs-01-2004.txt http://www.securityfocus.com/bid/11105 https://exchange.xforce.ibmcloud.com/vulnerabilities/17284