VULHUB ™

LSF(Load Sharing Facility) is a series of tools for scheduling, monitoring and analyzing the workload of a network. It supports a number of Unix platforms and can also be used to manage workstations running the Microsoft Windows NT/2000 platforms. lsadmin and badmin do not implement sufficient bounds checking when they try to determine their environment directory. It is possible to cause a segmentation fault by setting a LSF_ENVDIR environment variable to an excessive length. As lsadmin and badmin are both setuid root, it is possible for a local attacker to exploit this issue to execute arbitrary code to gain elevated privileges.

LSF(Load Sharing Facility) is a series of tools for scheduling, monitoring and analyzing the workload of a network. It supports a number of Unix platforms and can also be used to manage workstations running the Microsoft Windows NT/2000 platforms. lsadmin and badmin do not implement sufficient bounds checking when they try to determine their environment directory. It is possible to cause a segmentation fault by setting a LSF_ENVDIR environment variable to an excessive length. As lsadmin and badmin are both setuid root, it is possible for a local attacker to exploit this issue to execute arbitrary code to gain elevated privileges.