← Back

CVE-2010-3380

nvd nist
Published: Sep 29, 2010Modified: Apr 29, 2026

JSON object

Loading...
6.9
Vector
AV:L/AC:M/Au:N/C:C/I:C/A:C
Exploitability: 3.4 / Impact: 10.0
Source: NVD

Description

The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) directory in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

Affected (29)

Products: Llnl: Slurm
Llnl
1 product
Slurm
Configuration A
29 vulnerable
Vulnerable SoftwareAffected Versions
Llnl
Slurm
Up to 2.1.13
Slurm
Version 1.3.10
Slurm
Version 1.3.11
Slurm
Version 1.3.12
Slurm
Version 1.3.13
Slurm
Version 1.3.14
Slurm
Version 1.3.15
Slurm
Version 2.0.0
Slurm
Version 2.0.1
Slurm
Version 2.0.2
Slurm
Version 2.0.3
Slurm
Version 2.0.4
Slurm
Version 2.0.5
Slurm
Version 2.0.6
Slurm
Version 2.0.7
Slurm
Version 2.0.8
Slurm
Version 2.0.9
Slurm
Version 2.1.0
Slurm
Version 2.1.10
Slurm
Version 2.1.11
Slurm
Version 2.1.12
Slurm
Version 2.1.1
Slurm
Version 2.1.2
Slurm
Version 2.1.4
Slurm
Version 2.1.5
Slurm
Version 2.1.6
Slurm
Version 2.1.7
Slurm
Version 2.1.8
Slurm
Version 2.1.9

References (6)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.