CVE-2004-0318

Published: Mar 18, 2004

Modified: Aug 8, 2024

PUBLISHED

Description

Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20040223 Lam3rZ Security Advisory #2/2004: LSF eauth vulnerability leads to a possibility of controlling cluster jobs on behalf of other users

mailing-list

x_refsource_BUGTRAQ

9724

vdb-entry

x_refsource_BID

lsf-eauth-process-hijack(15278)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2004-0318

Description

Affected Products

References