Computer Security
[EN] no-pyccku

Cray supercomputers privilege escalation
SecurityVulns ID:13747
Threat Level:
Description:root privileges escalation via aprun/apinit
Affected:CRAY : CLE 5.1
 CRAY : CLE 4.2
CVE:CVE-2014-0748 (apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.)
Original documentdocumentjohn.fitzpatrick_(at), [mwrlabs advisory][CVE-2014-0748] Cray Aprun/Apinit Privilege Escalation (05.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod