CVSS: 7.2EPSS: 0%CPEs: 35EXPL: 0CVE-2016-0263
https://notcve.org/view.php?id=CVE-2016-0263
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command. IBM Spectrum Scale 4.1 en versiones anteriores a 4.1.1.5 y 4.2 en versiones anteriores a 4.2.0.2 y General Parallel File System 3.5 en versiones anteriores a 3.5.0.30 permiten a usuarios locales obtener privilegios o provocar una denegación de servicio a través de un comando mmapplypolicy manipulado. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005708 http://www.securityfocus.com/bid/90525 http://www.securitytracker.com/id/1036458 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.4EPSS: 0%CPEs: 28EXPL: 0CVE-2016-0392
https://notcve.org/view.php?id=CVE-2016-0392
IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program. IBM General Parallel File System (GPFS) en GPFS Storage Server 2.0.0 hasta la versión 2.0.7 y Elastic Storage Server 2.5.x hasta la versión 2.5.5, 3.x en versiones anteriores a 3.5.5 y 4.x en versiones anteriores a 4.0.3, según se distribuye en Spectrum Scale RAID, permite a usuarios locales obtener privilegios a través de un parámetro manipulado en un programa setuid. • http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875 http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206 http://www.securityfocus.com/archive/1/538620/100/0/threaded http://www.securityfocus.com/bid/91082 http://www.securitytracker.com/id/1036458 • CWE-284: Improper Access Control •