Title: Platform LSF Logging Facilities Symbolic Link Vulnerability
Severity: HIGH
Description:
LSF(Load Sharing Facility) is a series of tools for scheduling, monitoring and analyzing the workload of a network. It supports a number of Unix platforms and can also be used to manage workstations running the Microsoft Windows NT/2000 platforms.
A vulnerability in the software could make it possible for a local user to gain access to sensitive files. The problem is in the creation of log files by the LSF programs.
LSF maintains logs of application data for debugging purposes. This data is written to the preconfigured directory via the LSF_LOGDIR environment variable. In the event that this environment variable has not been set, the data is written to the /tmp directory. The variable may also be controlled by an unprivileged user when executed on the command line, forcing LSF to write log files to a specified location.
Upon execution, the software does not check for pre-existing log files. Since the program runs with root privileges and creates its log files with world-readable permissions, it is possible for a local user to create symbolic links to arbitrary files. it is possible for an attacker to gain read access to the file at the end of the symbolic link. This could allow a local attacker to gain administrative access on a vulnerable system.
Affected Products:
- Platform LSF 4.0.0
- Platform LSF 4.2.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
