CVE-2010-3380

2010-09-29T17:00:00
ID CVE-2010-3380
Type cve
Reporter cve@mitre.org
Modified 2010-09-30T04:00:00

Description

The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.