SUSE SLES12 : Feature update for slurm and pdsh (SUSE-SU-SUSE-FU-2025:0661-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2025:0661-1 advisory. slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authentication...

SUSE SLES15 / openSUSE 15 : Feature update for slurm and pdsh (SUSE-SU-SUSE-FU-2025:0660-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2025:0660-1 advisory. slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authenticati...

SUSE-FU-2025:0661-1 Feature update for slurm and pdsh

This update for slurm and pdsh fixes the following issues: slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authentication handling in stepmgr that could permit an attacker to execute processes under other users' jobs bsc1236722...

SUSE-FU-2025:0660-1 Feature update for slurm and pdsh

This update for slurm and pdsh fixes the following issues: slurm was updated to version 24.11.1 using package slurm2411: - Security issues fixed: CVE-2024-48936: Fixed authentication handling in stepmgr that could permit an attacker to execute processes under other users' jobs bsc1236722...

PT-2024-41393 · Opensuse +1 · Pdsh +6

This update for slurm and pdsh fixes the following issues: slurm was updated to version 24.11.1 using package slurm 24 11: - Security issues fixed: CVE-2024-48936: Fixed authentication handling in stepmgr that could permit an attacker to execute processes under other users' jobs bsc1236722...

SUSE CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

USN-4781-1 slurm-llnl vulnerabilities

It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10030 It was discovered that Slurm mishandled SPAN...

The vulnerability of the Slurm resource manager, related to improper handling of the SPANK environment variable, allows a perpetrator to escalate their privileges.

The vulnerability of the Slurm resource manager is related to incorrect processing of the SPANK environment variable. Exploiting this vulnerability can allow an attacker to elevate their privileges to the root level when executing Prolog or Epilog scripts...

Debian DSA-4023-1 : slurm-llnl - security update

Ryan Day discovered that the Simple Linux Utility for Resource Management SLURM, a cluster resource management and job scheduling system, does not properly handle SPANK environment variables, allowing a user permitted to submit jobs to execute code as root during the Prolog or Epilog. All systems...

[SECURITY] [DSA 4023-1] slurm-llnl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4023-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 07, 2017 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4023-1] slurm-llnl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4023-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 07, 2017 https://www.debian.org/security/faq -...

CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

Privilege escalation

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

UBUNTU-CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

CVE-2017-15566

Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing privilege escalation to root during Prolog or Epilog execution...

CVE-2017-15566

In Slurm, CVE-2017-15566 is caused by insecure handling of SPANK environment variables, enabling local privilege escalation to root during Prolog or Epilog. Affected releases include Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2. The root cause is improper SPANK env va...

CVE-2017-15566

Removed by vendor...

spank.c

Your machine answers to TCP packets that are coming from a multicast address. This is known as the 'spank' denial of service attack. OpenVAS Vulnerability Test $Id: spank.nasl 8145 2017-12-15 13:31:58Z cfischer $ spank.c Authors: Michel Arboi Copyright: Copyright C 2003 Michel Arboi This program ...

spank.txt

------------------------------------------------ Explanation of the 'spank' attack -- a new breed stream/raped ------------------------------------------------ By: lst [email protected] This is a tad different than the previous release. Stream/Raped mearly flooded the host with ack's or no flags a...