CVE-2001-0891

{"id": "CVE-2001-0891", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2002-01-31T05:00:00.000", "references": [{"url": "ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I", "tags": ["Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=100695627423924&w=2", "source": "cve@mitre.org"}, {"url": "http://www.osvdb.org/3275", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/3590", "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7618", "source": "cve@mitre.org"}, {"url": "ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://marc.info/?l=bugtraq&m=100695627423924&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.osvdb.org/3275", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/3590", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/7618", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters."}, {"lang": "es", "value": "Vulnerabilidad en el formateado de cadenas en el demonio NQS (nqsdaemon) en NQE 3.3.0.16 para CRAY UNICOS permite que un usuario local obtenga privilegios de root usando qsub para enviar un proceso job cuyo nombre contiene caracteres de formatado."}], "lastModified": "2025-04-03T01:03:51.193", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sgi:nqsdaemon:3.3.0.16:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F517BBC-025F-475C-8BD4-2AC77D11265B"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:cray:unicos:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B7B7EE1D-BD38-49D6-B58E-34A53EB150C1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}