Lucene search

[email protected]CVE-2004-0318

HistoryNov 23, 2004 - 5:00 a.m.

CVE-2004-0318

2004-11-2305:00:00

[email protected]

web.nvd.nist.gov

lsf

load sharing facility

cve-2004-0318

vulnerability

remote attackers

privileges

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.034 Low

EPSS

Percentile

91.5%

JSON

Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges.

Affected configurations

NVD

Node

platformlsfMatch4.0

platformlsfMatch4.2

platformlsfMatch5.0

platformlsfMatch5.1

platformlsfMatch6.0

CPENameOperatorVersion
platform:lsfplatform lsfeq4.0
platform:lsfplatform lsfeq4.2
platform:lsfplatform lsfeq5.0
platform:lsfplatform lsfeq5.1
platform:lsfplatform lsfeq6.0

CPE	Name	Operator	Version
platform:lsf	platform lsf	eq	4.0
platform:lsf	platform lsf	eq	4.2
platform:lsf	platform lsf	eq	5.0
platform:lsf	platform lsf	eq	5.1
platform:lsf	platform lsf	eq	6.0

References

marc.info/?l=bugtraq&m=107756600403557&w=2

www.securityfocus.com/bid/9724

exchange.xforce.ibmcloud.com/vulnerabilities/15278

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

7.2 High

AI Score

Confidence

Low

0.034 Low

EPSS

Percentile

91.5%

JSON

Related for CVE-2004-0318

cvelist1 nvd1