Vulnerabilities > CVE-2004-0318 - Privilege Escalation vulnerability in Platform Load Sharing Facility EAuth

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

platform

critical

exploit available

NVD

Published: 2004-11-23

Updated: 2017-07-11

Summary

Load Sharing Facility (LSF) 4.x, 5.x, and 6.x uses the LSF_EAUTH_UID environment variable, if it exists, instead of the real UID of the user, which could allow remote attackers within the local cluster to gain privileges.

Vulnerable Configurations

Part	Description	Count
Application	Platform Platform LSF 4.0 Platform LSF 4.2 Platform LSF 5.0 Platform LSF 5.1 Platform LSF 6.0	5

Exploit-Db

description	Platform Load Sharing Facility 4/5/6 EAuth Privilege Escalation Vulnerability. CVE-2004-0318. Local exploit for linux platform
id	EDB-ID:23743
last seen	2016-02-02
modified	2003-02-23
published	2003-02-23
reporter	Tomasz Grabowski
source	https://www.exploit-db.com/download/23743/
title	Platform Load Sharing Facility 4/5/6 - EAuth Privilege Escalation Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References