QNX pdebug Service Detection

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

Arbitrary commands can be run on this port.

Description :

The QNX pdebug remote debugging service is running on this host.
pdebug should only be used only in development phase.

Through this service, it is possible to upload and execute arbitrary
code on the host, read or modify memory, stop running processes, etc.

An attacker can use this service to take complete control of the
affected device.

See also :

http://www.nessus.org/u?6ec74396
http://www.nessus.org/u?4a817c2a

Solution :

Filter incoming traffic to this port or disable the debug agent.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Service detection

Nessus Plugin ID: 48353 ()

Bugtraq ID:

CVE ID: