[Full-Disclosure] iDEFENSE Security Advisory 11.08.02b: Non-Explicit Path Vulnerability in QNX Neutrino RTOS

From: David Endler (dendler@idefense.com)
Date: 11/09/02


From: dendler@idefense.com (David Endler)
Date: Sat, 9 Nov 2002 11:21:59 -0500

Thanks for pointing out the typo, the date should have read
January, 2003. The advisory has been updated on the web site.

-dave

> -----Original Message-----
> From: Erik Parker [mailto:eparker@mindsec.com]
> Sent: Saturday, November 09, 2002 5:32 AM
> To: David Endler
> Cc: full-disclosure@lists.netsys.com
> Subject: Re: [Full-Disclosure] iDEFENSE Security Advisory
11.08.02b:
> Non-Explicit Path Vulnerability in QNX Neutrino RTOS
>
>
> > VI. VENDOR FIX
> >
> > QNX Neutrino RTOS 6.2.1, which is slated to be released in
January
> > 2002, should fix this vulnerability. According to QNX,
concerned
> > customers can contact their sales rep for an advance copy.
>
> Damn, I need a dev team that can create patches 11 months in
> the past.. That's
> what I call being on top of their game.
>
> You're pathetic David.
>