Load Sharing Facility eauth component allows code execution
| lsf-eauth-execute-code (15282) |  High Risk |
Description:
Platform Computing's Load Sharing Facility (LSF) could allow an attacker to execute arbitrary code on the system, caused by a vulnerability in eauth. eauth controls authentication within LSF. A local or remote attacker from within a LSF cluster, can log into LSF with a specially-crafted string to cause eauth to fail, allowing the attacker to execute arbitrary code on the system with root privileges.
Consequences:
Gain Access
Remedy:
Apply the patch for this vulnerability, available from the Platform Computing Inc. Web site. See References.
References:
- Full-Disclosure Mailing List, Mon Feb 23 2004 - 06:38:34 CST: LSF eauth vulnerability leads to remote code execution .
- Platform Computing Inc. Web site: Platform Computing - Support Services.
- BID-9719: Platform Load Sharing Facility EAuth Component Buffer Overflow Vulnerability
- CVE-2004-0317: Buffer overflow in eauth in Load Sharing Facility 4.x, 5.x, and 6.x allows local users or remote attackers within the LSF cluster to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long LSF_From_PC parameter.
- OSVDB ID: 6813: Load Sharing Facility eauth LSF_From_PC Parameter Overflow
Platforms Affected:
- Platform Computing LSF 4.x
- Platform Computing LSF 5.x
- Platform Computing LSF 6.x
Reported:
Feb 23, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this