Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2004-03-18T05:00:00

Updated: 2024-08-08T00:17:13.723Z

Reserved: 2004-03-17T00:00:00

Link: CVE-2004-0318

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2004-11-23T05:00:00.000

Modified: 2024-11-20T23:48:18.720

Link: CVE-2004-0318

cve-icon Redhat

No data.