CVE-2015-2123
https://notcve.org/view.php?id=CVE-2015-2123
Unspecified vulnerability in HP NonStop Safeguard Security Software H06.x, L15.02, and J06.x before J06.19 allows remote authenticated users to gain privileges by leveraging Expand access. Vulnerabilidad no especificada en HP NonStop Safeguard Security Software H06.x, L15.02, y J06.x anterior a J06.19 permite a usuarios remotos autenticados ganar privilegios mediante el aprovechamiento del acceso a Expand. • http://www.securityfocus.com/bid/74819 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04683599 •
CVE-2014-2629
https://notcve.org/view.php?id=CVE-2014-2629
HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to process-creation time. HP NonStop Safeguard Security Software G, H06.03 hasta H06.28.01, y J06.03 hasta J06.17.01 no evalúa debidamente el DISKFILE-PATTERN ACL de un fichero de objeto de programa, lo que permite a usuarios remotos autenticados evadir las restricciones sobre el acceso a programas a través de vectores relacionados con el tiempo de la creación de procesos. • http://secunia.com/advisories/59981 http://www.securityfocus.com/bid/69147 http://www.securitytracker.com/id/1030697 https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=c04391893 • CWE-264: Permissions, Privileges, and Access Controls •