Load Sharing Facility eauth component could allow attacker to hijack other user's process
lsf-eauth-process-hijack (15278)
Description:
A vulnerability in the eauth authentication component of Platform Computing's Load Sharing Facility (LSF) could allow a remote attacker, from within an LSF cluster, to hijack another user's process. A remote attacker with knowledge of another user's authentication information could submit and control jobs as that user.
Consequences:
Gain Access
Remedy:
Apply the patch for this vulnerability, available from the Platform Computing Inc. Web site. See References.
References:
- Full-Disclosure Mailing List, Mon Feb 23 2004 - 06:57:44 CST: LSF eauth vulnerability leads to a possibility of controlling cluster jobs on behalf of other users.
- Platform Computing Inc. Web site: Platform Computing - Support Services.
- BID-9724: Platform Load Sharing Facility EAuth Privilege Escalation Vulnerability
- CVE-2004-0318: Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges.
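The flaw summarized in the Description and in the CVE-2004-0318 entry above, modelled as an added example that is not LSF code or part of the original advisory: one resolver prefers the LSF_EAUTH_UID environment variable over the real UID, the other takes identity only from the kernel. The function names are hypothetical and the spoofed UID is a constructed value.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for setenv/unsetenv */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Flawed pattern from the CVE text: use LSF_EAUTH_UID if it exists,
 * otherwise fall back to the real UID. */
uid_t uid_trusting_env(void)
{
    const char *s = getenv("LSF_EAUTH_UID");
    if (s != NULL && *s != '\0') {
        char *end = NULL;
        errno = 0;
        unsigned long v = strtoul(s, &end, 10);
        if (errno == 0 && *end == '\0')
            return (uid_t)v;      /* identity chosen by the caller */
    }
    return getuid();
}

/* Corrected pattern: identity comes only from the kernel. */
uid_t uid_from_kernel(void)
{
    return getuid();
}

/* Sets a constructed LSF_EAUTH_UID that differs from the real UID and
 * reports whether the resolver adopted it (1) or ignored it (0). */
int spoof_accepted(uid_t (*resolve)(void))
{
    char buf[32];
    uid_t other = getuid() + 1;   /* constructed value, not a real account */
    snprintf(buf, sizeof buf, "%lu", (unsigned long)other);
    setenv("LSF_EAUTH_UID", buf, 1);
    int accepted = (resolve() == other);
    unsetenv("LSF_EAUTH_UID");
    return accepted;
}

int main(void)
{
    printf("env-trusting resolver spoofed: %d\n", spoof_accepted(uid_trusting_env));
    printf("kernel-only resolver spoofed:  %d\n", spoof_accepted(uid_from_kernel));
    return 0;
}
```

When reviewing similar authentication helpers, look for any code path where a process's identity is read from its environment rather than from `getuid()` or an equivalent kernel-supplied source.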
Platforms Affected:
- Platform Computing LSF 4.x
- Platform Computing LSF 5.x
- Platform Computing LSF 6.x
Reported:
Feb 23, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
