CVE-2001-0891

Published: Jan 31, 2002Modified: Apr 16, 2026

7.2

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 3.9 / Impact: 10.0

Source: NVD

Description

Format string vulnerability in NQS daemon (nqsdaemon) in NQE 3.3.0.16 for CRAY UNICOS and SGI IRIX allows a local user to gain root privileges by using qsub to submit a batch job whose name contains formatting characters.

Affected (2)

Products: Sgi: Nqsdaemon · Cray: Unicos

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sgi Nqsdaemon	Version 3.3.0.16

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Cray Unicos	All versions

References (10)

ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I (unsafe URL)

Source: cve@mitre.org

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=100695627423924&w=2

Source: cve@mitre.org

http://www.osvdb.org/3275

Source: cve@mitre.org

http://www.securityfocus.com/bid/3590

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/7618

Source: cve@mitre.org

ftp://patches.sgi.com/support/free/security/advisories/20020101-01-I (unsafe URL)