CVE-2010-3380

Priority
Description
The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14
place the . (dot) directory in the LD_LIBRARY_PATH, which allows local
users to gain privileges via a Trojan horse shared library in the current
working directory.
Notes
Package
Upstream:released (2.1.15-2)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (2.6.5-1)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (15.08.7-1build1)
More Information

Updated: 2020-09-10 01:37:39 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)