Unrated severityNVD Advisory· Published Mar 18, 2014· Updated May 6, 2026

CVE-2014-2534

Description

/sbin/pppoectl in BlackBerry QNX Neutrino RTOS 6.4.x and 6.5.x allows local users to obtain sensitive information by reading "bad parameter" lines in error messages, as demonstrated by reading the root password hash in /etc/shadow.

Affected products

Blackberry/Qnx Neutrino Rtos3 versions
cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.4.1:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.4.1:*:*:*:*:*:*:*
- cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.5.0:*:*:*:*:*:*:*
- cpe:2.3:o:blackberry:qnx_neutrino_rtos:6.5.0:sp1:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/32156/nvdExploit
seclists.org/bugtraq/2014/Mar/66nvd
seclists.org/bugtraq/2014/Mar/88nvd
seclists.org/fulldisclosure/2014/Mar/124nvd
seclists.org/fulldisclosure/2014/Mar/98nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000