59 matches found
Security Bulletin: The GPFS pattern provided with IBM PureApplication System is affected by a security vulnerability. (CVE-2016-0263)
Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2, V4.1 and IBM General Parallel File System V3.5, that could allow a local user, under special circumstances, to escalate their privileges or cause a denial of service when the mmapplypolicy comma...
IBM Spectrum Scale/GPFS Denial of Service Vulnerability
IBM Spectrum Scale is a high-performance shared disk file management solution that gives you fast, reliable access to data from multiple servers.The IBM General Parallel File System IBM GPFS is a file system for distributing and managing data across multiple servers and is used in many...
Buffer overflow
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...
CVE-2016-6115
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...
CVE-2016-6115
CVE-2016-6115 affects IBM GPFS/Spectrum Scale (e.g., Elastic Storage Server and GPFS Storage Server). The vulnerability is a buffer overflow in IBM General Parallel File System that could be triggered by a remote authenticated attacker, allowing arbitrary code execution with root privileges or ca...
CVE-2016-2984
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program...
CVE-2016-2985
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program...
CVE-2016-2985
CVE-2016-2985 affects IBM Spectrum Scale/GPFS where a local attacker can gain root privileges by manipulating environment variables processed by setuid executables under /usr/lpp/mmfs/bin. Affected products/versions include IBM Spectrum Scale V4.2.0.x before 4.2.0.4, V4.1.1.x before 4.1.1.8, and ...
CVE-2016-0361
IBM General Parallel File System GPFS 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMI...
CVE-2016-0361
IBM General Parallel File System GPFS 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMI...
Command injection
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command...
CVE-2016-0263
IBM Spectrum Scale/GPFS (CVE-2016-0263) can allow a local user to escalate privileges or cause a denial of service when the mmapplypolicy command is used with certain options. Affected products include IBM Spectrum Scale V4.2, V4.1 and General Parallel File System V3.5 (and related ESS/GPFS deplo...
CVE-2016-0263
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command...
CVE-2016-0392
IBM General Parallel File System GPFS in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program...
CVE-2016-0392
IBM General Parallel File System GPFS in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program...
IBM Spectrum Scale and General Parallel File System Elevation of Privilege Vulnerability
IBM GPFS is an enterprise file management system optimized for petabyte-scale storage management.IBM Spectrum Scale is a data and file management solution based on IBM GPFS. IBM Spectrum Scale and IBM GPFS have a security vulnerability in the handling of the mmapplypolicy command that allows a...
IBM Spectrum Scale (GPFS) Hadoop Connector Vulnerable
IBM Spectrum Scale and General Parallel File System GPFS is a scalable data and file management solution based on IBM GPFS an enterprise file management system optimized for petabyte-scale storage management from IBM, USA. The solution helps customers reduce storage costs while improving security...
CVE-2015-7430
The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System GPFS allows local users to read or write to arbitrary GPFS data via unspecified vectors...
CVE-2015-7430
The IBM Spectrum Scale (GPFS) Hadoop Connector is affected by CVE-2015-7430, impacting versions 1.1.1, 2.4, 2.5, and 2.7.0-0 through 2.7.0-2. An unprivileged user could read, write, modify, or delete GPFS data via unspecified vectors. The issue is mitigated by upgrading to version 2.7.0-3. IBM pr...
CVE-2015-7430
The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System GPFS allows local users to read or write to arbitrary GPFS data via unspecified vectors...