IBM Spectrum LSF versions 10.1 and 10.2 suffer from hardcoded eauth key and eauth key exposure vulnerabilities.
7b805922df0af9a8af46eb5021d5ad516d5d2b44e2d6fc8f4bd24f60749d3a03BeeGFS versions 7.1.3 and below suffer from a privilege escalation vulnerability.
d30029c1850a3b316562ecfdf0823e70e5d8b72548aae0f53565d9c31f6d8df9PBS Professional versions 19.2.3 and below suffer from an authentication bypass vulnerability.
4e778bfddd48fd678b80e1ee642c5e78739451b4e2a52e2e2396245a985f8e41A vulnerability was identified within IBM Spectrum LSF which made it was possible to impersonate other users when submitting jobs for execution. Additionally, it was found to be possible to impersonate and execute jobs as root, even where root job submission is disabled. Versions affected include 8.3, 9.1.1, 9.1.2, 9.1.3, 10.1, and 10.1.0.1.
2efba7f49de16c0ab91885eec21b6040948eb64801f0eac0a8e9a23a88545d52DDN controllers ship with a set of static entries within the authorized_keys file of several of the user accounts. The corresponding private keys can be obtained from publicly available sources.
470b91b64442d28eebb33a4f527381613c2b67ad4b238cb3ab10d5b46ca3f8e7DDN SFA suffers from a privilege escalation vulnerability.
8685f5cd2b43437141d6700fcd38911bb8804b7c0342311a9bbe76773a26134bIBM GPFS version 4.1.0.0 through 4.1.0.8 and 3.5.0.0 through 3.5.0.30 along with Spectrum Scale versions 4.2.0.0 through 4.2.0.2 and 4.1.1.0 through 4.1.1.6 suffer from a command injection vulnerability.
d5a184120f34553d5a3f070fe73506ebbb75681cf01c038a98e3fde9002113f4It is possible for users of ICE-X supercomputers to gain access to backups of system configuration databases.
a3391d3f24f884f8882a5a413fe59541e6c85c96d2bdb3446ccde65cf7207df8SGI Tempo systems expose a database password in the world readable /etc/odapw file.
33068bfa9903902198ab1a1def7493a5b1147e1e5e632e0bac53597bf97cf900/opt/sgi/sgimc/bin/vx, a setuid binary on SGI Tempo systems, allows for privilege escalation.
c32b2f12effe553e70e04d4889e25819691bd3ba3e5cc606cab0fa53442de067Moab suffers from an insecure message signing authentication bypass vulnerability. All versions up to 8 can be affected depending on the configuration.
85a019a8c4de29f5f84586a14f07c354e859db1b6a19ccec9cbb5d70e45cbceaMoab versions prior to 7.2.9 and 8 suffer from a user impersonation vulnerability.
06269ab2431aa1292e9d181643ace50442b15f7c22b2ca8e0be470c5e444f592Moab versions prior to 7.2.9 and 8 suffer from a dynamic reconfiguration authentication bypass issue that allows for remote code execution.
1d947c3d312bda1ccebc5c7622d54bcdfee0aa44575fcd3b9fa4410d0c6e6878Torque versions 2.5.13 and below suffer from a buffer overflow vulnerability.
d70ac68760be26990412a9557c8ba8998fd61ae6ed3c065bbd16318b9e99b85aApinit and aprun are utilities used to schedule tasks on Cray supercomputers. Apinit runs as a service on compute nodes and aprun is used to communicate with these nodes. The apinit service does not safely validate messages supplied to it through the use of aprun. Users of Cray systems are able to exploit this weakness in order to execute commands on the compute nodes of a Cray supercomputer as arbitrary users, including root (UID 0).
35dc2988dfa5b20f94f03cac3407ffef1d10ffa10d1fe9bd41390ba183fc8f33
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed