Computer Security
[EN] securityvulns.ru no-pyccku


Cray supercomputers privilege escalation
Published:05.05.2014
Source:
SecurityVulns ID:13747
Type:local
Threat Level:
5/10
Description:root privileges escalation via aprun/apinit
Affected:CRAY : CLE 5.1
 CRAY : CLE 4.2
CVE:CVE-2014-0748 (apinit on Cray devices with CLE before 4.2.UP02 and 5.x before 5.1.UP00 does not use alpsauth data to validate the UID in a launch message, which allows local users to gain privileges via a modified aprun program, aka ID FN5912.)
Original documentdocumentjohn.fitzpatrick_(at)_mwrinfosecurity.com, [mwrlabs advisory][CVE-2014-0748] Cray Aprun/Apinit Privilege Escalation (05.05.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod