CVE-2004-0318

Name of the Vulnerable Software and Affected Versions Load Sharing Facility (LSF) versions 4.x through 6.x

Description The issue allows remote attackers within the local cluster to gain privileges by utilizing the LSF EAUTH UID environment variable, if it exists, instead of the real UID of the user.

Recommendations For versions 4.x through 6.x, consider restricting access to the LSF EAUTH UID environment variable to prevent unauthorized privilege escalation until a patch is available. As a temporary workaround, avoid using the LSF EAUTH UID environment variable to minimize the risk of exploitation.