Apache Hadoop remote privilege escalation vulnerability (CVE-2018-8029)

News 2019-06-02 03:11:43 views: null
Apache remote privilege escalation vulnerability (CVE-2018-8029)


Release Date: 2019-05-30
Updated: 2019-05-31

Affected Systems:

Apache Group Hadoop 3.0.0-alpha1 - 3.1.0
Apache Group Hadoop 2.9.0 - 2.9.1
Apache Group Hadoop 2.2.0 - 2.8.4

Systems affected:

Apache Group Hadoop 3.1.1
Apache Group Hadoop 2.9.2
Apache Group Hadoop 2.8.5

description:

ID BUGTRAQ: 108518
CVE (CAN) ID: CVE-2018-8029

the Apache Hadoop is a US Apache (Apache) distributed system architecture of a set of open source Software Foundation. The product can be distributed processing large amounts of data, and having a high reliability, scalability, fault tolerance and other characteristics.
In Apache Hadoop 3.1.0 to version 3.0.0-alpha1, version 2.9.0 to 2.9.1, 2.2.0 to 2.8.4 version, there is a remote privilege escalation vulnerability. If an attacker can upgrade to the yarn user, you can run arbitrary commands as root.

<* Source: Akira Ajisaka
  *>

suggestions:

Manufacturers patch:

the Apache Group
------------
Current vendors have released an updated patch to fix the security issue, please go to the manufacturer's home page to download:

https://www.apache.org/security/projects .html

Guess you like

Origin www.linuxidc.com/Linux/2019-06/158916.htm
Recommended
Ranking
A quick primer on numpy basics
Two sister tease python project
Java | Multiple keywords in the replacement content are returned to the front end in red style
C ++: references
The string leetcood 1018 is a binary prefix divisible by 5
Flutter 布局组件
Java combat spingboot-redis
PMP pre-exam sprint and wrong questions sorting
ActiveMq C# Message Features: Delayed and Timed Message Delivery
DSP28377S_ copy a program from the RAM to FLASH portion DETAILS
Daily
More
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)

Code World

© 2018 codetd.com