68 matches found
CVE-2018-1782
IBM GPFS IBM Spectrum Scale 5.0.1.0 and 5.0.1.1 allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. IBM X-Force ID: 148805...
Security Bulletin: IBM Spectrum Scale is affected by a security vulnerability (CVE-2016-0263)
Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2, V4.1 and IBM General Parallel File System V3.5, that could allow a local user, under special circumstances, to escalate their privileges or cause a denial of service when the mmapplypolicy comma...
Security Bulletin: The GPFS pattern provided with IBM PureApplication System is affected by a security vulnerability. (CVE-2016-0263)
Summary A security vulnerability has been identified in the current levels of IBM Spectrum Scale V4.2, V4.1 and IBM General Parallel File System V3.5, that could allow a local user, under special circumstances, to escalate their privileges or cause a denial of service when the mmapplypolicy comma...
The vulnerabilities of the IBM Spectrum Scale and General Parallel File System data storage management software are caused by buffer overflows, allowing attackers to execute arbitrary code with root privileges or trigger service interruptions.
The vulnerabilities of the IBM Spectrum Scale and General Parallel File System data storage management software are caused by buffer overflows. Exploiting these vulnerabilities allows a malicious actor to execute arbitrary code with root privileges or cause service interruptions...
IBM Spectrum Scale/GPFS Denial of Service Vulnerability
IBM Spectrum Scale is a high-performance shared disk file management solution that gives you fast, reliable access to data from multiple servers.The IBM General Parallel File System IBM GPFS is a file system for distributing and managing data across multiple servers and is used in many...
CVE-2016-6115
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...
Buffer overflow
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...
CVE-2016-6115
IBM General Parallel File System is vulnerable to a buffer overflow. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system with root privileges or cause the server to crash...
CVE-2016-6115
CVE-2016-6115 affects IBM GPFS/Spectrum Scale (e.g., Elastic Storage Server and GPFS Storage Server). The vulnerability is a buffer overflow in IBM General Parallel File System that could be triggered by a remote authenticated attacker, allowing arbitrary code execution with root privileges or ca...
CVE-2016-2985
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program...
CVE-2016-2984
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted command-line parameters to a /usr/lpp/mmfs/bin/ setuid program...
CVE-2016-2985
IBM Spectrum Scale 4.1.1.x before 4.1.1.8 and 4.2.x before 4.2.0.4 and General Parallel File System GPFS 3.5.x before 3.5.0.32 and 4.1.x before 4.1.1.8 allow local users to gain privileges via crafted environment variables to a /usr/lpp/mmfs/bin/ setuid program...
CVE-2016-2985
CVE-2016-2985 affects IBM Spectrum Scale/GPFS where a local attacker can gain root privileges by manipulating environment variables processed by setuid executables under /usr/lpp/mmfs/bin. Affected products/versions include IBM Spectrum Scale V4.2.0.x before 4.2.0.4, V4.1.1.x before 4.1.1.8, and ...
CVE-2016-0361
IBM General Parallel File System GPFS 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMI...
CVE-2016-0361
IBM General Parallel File System GPFS 3.5 before 3.5.0.29 efix 6 and 4.1.1 before 4.1.1.4 efix 9, when the Spectrum Scale GUI is used with DB2 on Linux, UNIX and Windows, allows remote authenticated users to obtain sensitive information via unspecified vectors, as demonstrated by discovering ADMI...
The vulnerability of the General Parallel File System allows a perpetrator to execute an application with administrator privileges.
The vulnerability of the General Parallel File System is related to insufficient authentication of network packets when the cipherList configuration parameter is enabled. Exploiting this vulnerability allows a malicious actor to execute an application with administrator privileges remotely...
CVE-2016-0263
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command...
Command injection
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command...
CVE-2016-0263
IBM Spectrum Scale/GPFS (CVE-2016-0263) can allow a local user to escalate privileges or cause a denial of service when the mmapplypolicy command is used with certain options. Affected products include IBM Spectrum Scale V4.2, V4.1 and General Parallel File System V3.5 (and related ESS/GPFS deplo...
CVE-2016-0263
IBM Spectrum Scale 4.1 before 4.1.1.5 and 4.2 before 4.2.0.2 and General Parallel File System 3.5 before 3.5.0.30 allow local users to gain privileges or cause a denial of service via a crafted mmapplypolicy command...