QNX RTOS FTP Client QUOTE Command Format String Overflow
Local Access Required,
Local / Remote,
Loss of Integrity
A local overflow exists in QNX RTOS FTP client. The FTP Client QUOTE command fails to properly check the format of the incoming string resulting in a buffer overflow. With a specially crafted request, an attacker can cause arbitrary code executing with bin group privileges resulting in a loss of integrity.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.