Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0891

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2001-0891
Last Modified 05 Sep 2008 04:25:09
Published 31 Jan 2002 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0891

Summary

Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.

Vulnerable Systems

Operating System

  • Cray Unicos

Application

  • Sgi Nqsdaemon 3.3.0.16


References

SGI - 20020101-01-I

BUGTRAQ - 20011127 UNICOS LOCAL HOLE ALL VERSIONS

XF - unicos-nqsd-format-string(7618)

BID - 3590

OSVDB - 3275


Last Updated: 27 May 2016 10:36:26