Download
| Alert*
oval:org.secpod.oval:def:1900509
The oarsh script in OAR before 2.5.7 allows remote authenticated users of acluster to obtain sensitive information and possibly gain privileges via vectors related to Opelibnss3-devH options. oval:org.secpod.oval:def:602460 Emmanuel Thome discovered that missing sanitising in the oarsh command of OAR, a software used to manage jobs and resources of HPC clusters, could result in privilege escalation. |