CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2013-2989
https://notcve.org/view.php?id=CVE-2013-2989
28 May 2013 — The file-copying functionality in IBM Sterling Connect:Direct 3.8.00, 4.0.00, and 4.1.0 for UNIX on AIX 6.1 through 7.1 uses incorrect privileges, which allows local users to bypass filesystem read permissions and write permissions by leveraging authentication to the Connect:Direct product. La funcionalidad de copia de archivos de IBM Sterling Connect:Direct v3.8.00, v4.0.00, y v4.1.0 para UNIX sobre AIX v6.1 hasta v7.1 utiliza privilegios incorrectos, lo que permite a usuarios locales eludir los permisos d... • http://www-01.ibm.com/support/docview.wss?uid=swg1IC86449 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2012-6352
https://notcve.org/view.php?id=CVE-2012-6352
02 Feb 2013 — The Session Manager in IBM Sterling Connect:Direct through 4.1.0.3 on UNIX allows remote attackers to cause a denial of service (daemon crash and disk consumption) via crafted data. El Session Manager en IBM Sterling Connect: Direct hasta v4.1.0.3 en UNIX permite a atacantes remotos causar una denegación de servicio (caída del demonio y consumo de disco) mediante paquetes falsificados. • http://www-01.ibm.com/support/docview.wss?uid=swg1QC20158 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •