gLExec Vulnerability Reports
- GLEXEC-2009-0001
- Any user that can run the glexec executable, can insert arbitrary lines into
the glexec log file.
- GLEXEC-2009-0002
- Any user that can run the glexec executable, and is in the white list of
users allowed to run glexec, can elevate their privilege to the root user.
- GLEXEC-2009-0003
- Any user that can run the glexec executable, and is in the white list of
users allowed to run glexec, can obtain the contents of certain files that
they do not have permission to access.
- GLEXEC-2009-0004
- Any user that can run the glexec executable, and is in the white list of
users allowed to run glexec, can elevate their privilege to the root user.
- GLEXEC-2009-0005
- The operator of glexec could configure glexec in a way that would unknowingly
allow a root exploit similar to those described in reports GLEXEC-2009-0002 and
GLEXEC-2009-0004.
- GLEXEC-2011-0001
- When using gLExec in a typical configuration it is possible for malicious jobs
to continue consuming resources and in certain situation to attack subsequent
jobs.