CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2014-0748 – Cray Aprun / Apinit Privilege Escalation
https://notcve.org/view.php?id=CVE-2014-0748
11 Feb 2014 — apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912. apinit en dispositivos Cray con CLE anterior 4.2.UP02 y 5.x anterior a 5.1.UP00 no utiliza los datos alpsauth para validar el UID en el mensaje, lo que permite a usuarios locales obtener privilegios a través de un programa modificado aprun, también conocido como ID FN5912. • https://packetstorm.news/files/id/125165 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 4CVE-2006-0177 – Cray UNICOS /usr/bin/script - Command Line Argument Local Overflow
https://notcve.org/view.php?id=CVE-2006-0177
11 Jan 2006 — Multiple buffer overflows in Cray UNICOS 9.0.2.2 might allow local users to gain privileges by (1) invoking /usr/bin/script with a long command line argument or (2) setting the -c option of /etc/nu to the name of a file containing a long line. • https://www.exploit-db.com/exploits/27065 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2006-0178
https://notcve.org/view.php?id=CVE-2006-0178
11 Jan 2006 — Format string vulnerability in /bin/ftp in UNICOS 9.0.2.2 allows local users to have an unknown impact via format string specifiers in the quote command. NOTE: because the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2006-01/0343.html •
CVSS: 9.8EPSS: 56%CPEs: 165EXPL: 1CVE-2003-0028
https://notcve.org/view.php?id=CVE-2003-0028
21 Mar 2003 — Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. Desbordamiento de entero en la función xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representación de datos externos) derivadas de SunRPC, incluyendo l... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2001-0891
https://notcve.org/view.php?id=CVE-2001-0891
31 Jan 2002 — Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters. Vulnerabilidad en el formateado de cadenas en el demonio NQS (nqsdaemon) en NQE 3.3.0.16 para CRAY UNICOS permite que un usuario local obtenga privilegios de root usando qsub para enviar un proceso job cuyo nombre contiene caracteres de formatado. • ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-1999-1300
https://notcve.org/view.php?id=CVE-1999-1300
31 Dec 1999 — Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration. • http://ciac.llnl.gov/ciac/bulletins/b-31.shtml •
CVSS: 10.0EPSS: 0%CPEs: 9EXPL: 0CVE-1999-0692
https://notcve.org/view.php?id=CVE-1999-0692
19 Jul 1999 — The default configuration of the Array Services daemon (arrayd) disables authentication, allowing remote users to gain root privileges. • ftp://patches.sgi.com/support/free/security/advisories/19990701-01-P •
CVSS: 9.8EPSS: 7%CPEs: 12EXPL: 2CVE-1999-0041 – UNICOS 9/MAX 1.3/mk 1.5 / AIX 4.2 / libc 5.2.18 / RedHat 4 / IRIX 6 / Slackware 3 - NLS
https://notcve.org/view.php?id=CVE-1999-0041
13 Feb 1997 — Buffer overflow in NLS (Natural Language Service). • https://www.exploit-db.com/exploits/19551 •
CVSS: 10.0EPSS: 1%CPEs: 18EXPL: 0CVE-1999-0099
https://notcve.org/view.php?id=CVE-1999-0099
19 Oct 1995 — Buffer overflow in syslog utility allows local or remote attackers to gain root privileges. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0099 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-1999-1468
https://notcve.org/view.php?id=CVE-1999-1468
22 Oct 1991 — rdist in various UNIX systems uses popen to execute sendmail, which allows local users to gain root privileges by modifying the IFS (Internal Field Separator) variable. • http://www.alw.nih.gov/Security/8lgm/8lgm-Advisory-01.html •