CVE-2016-0392

Description

IBM General Parallel File System (GPFS) in GPFS Storage Server 2.0.0 through 2.0.7 and Elastic Storage Server 2.5.x through 2.5.5, 3.x before 3.5.5, and 4.x before 4.0.3, as distributed in Spectrum Scale RAID, allows local users to gain privileges via a crafted parameter to a setuid program.

Predictions

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

References

• http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html
• http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875
• http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
• http://www.securityfocus.com/archive/1/538620/100/0/threaded
• http://www.securityfocus.com/bid/91082
• http://www.securitytracker.com/id/1036458
• http://packetstormsecurity.com/files/137373/IBM-GPFS-Spectrum-Scale-Command-Injection.html
• http://www-01.ibm.com/support/docview.wss?uid=ssg1S1005875
• http://www-01.ibm.com/support/docview.wss?uid=swg1IV84206
• http://www.securityfocus.com/archive/1/538620/100/0/threaded
• http://www.securityfocus.com/bid/91082
• http://www.securitytracker.com/id/1036458

CWEs

CWE-284