Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2010-3380HistoryOct 03, 2022 - 4:20 p.m.
CVE-2010-3380
2022-10-0316:20:56
Debian Security Bug Tracker
security-tracker.debian.org
10
slurm
local users
privileges
trojan horse
shared library
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 10 | all | slurm-llnl | < 2.1.15-2 | slurm-llnl_2.1.15-2_all.deb |
Related
ubuntucve
ubuntucve
CVE-2010-3380
2010-09-29 00:00:00
prion
prion
Directory traversal
2010-09-29 17:00:00
cvelist
cvelist
CVE-2010-3380
2022-10-03 16:20:56
nvd
nvd
CVE-2010-3380
2010-09-29 17:00:05
cve
cve
CVE-2010-3380
2022-10-03 16:20:56
6.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.1%
Related for DEBIANCVE:CVE-2010-3380