VULHUB ™

UNICOS is the supercomputer operating system distributed by Cray. It is typically used with Cray systems. nqsdaemon doesn't not correctly handle some file names. Upon loading of a shell script by the nqsdaemon that contains format strings, it is possible to execute arbitrary code. Since the nqsdaemon runs as root, the executed code would be in the context of the root user. This problem makes it possible for local users to gain elevated privileges, and compromise administrative access to a vulnerable system.

UNICOS is the supercomputer operating system distributed by Cray. It is typically used with Cray systems. nqsdaemon doesn't not correctly handle some file names. Upon loading of a shell script by the nqsdaemon that contains format strings, it is possible to execute arbitrary code. Since the nqsdaemon runs as root, the executed code would be in the context of the root user. This problem makes it possible for local users to gain elevated privileges, and compromise administrative access to a vulnerable system.