[原文]Untrusted execution path vulnerability in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program.
QNX PPPoEd PATH Variable Local Privilege Escalation
Local Access Required
Loss of Integrity
QNX PPPoEd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user modifies the $PATH variable and provides a drop-in replacement for the "mount" command. This flaw may lead to a loss of Integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue. It is possible to restrict untrusted users from executing pppoed.