Unprotected QNX qconn Service

This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.


Synopsis :

Arbitrary commands can be run on this port.

Description :

A QNX qconn service is running on this host.

QNX plans to add some authentication to qconn. Meanwhile, qconn
should be used only in development phase.

Through this service, it is possible to upload and execute arbitrary
code on the host. An attacker can use this service to take complete
control of the affected device.

See also :

http://www.nessus.org/u?979f54af
http://www.nessus.org/u?9468f6f3

Solution :

Filter incoming traffic to this port, disable the service, or contact
the device's vendor for a patch.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)

Family: Service detection

Nessus Plugin ID: 48354 ()

Bugtraq ID:

CVE ID:

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial