RSS   Vulnerabilities for 'TAU'   RSS

2010-10-20
 
CVE-2010-3382

CWE-DesignError
 

 
tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

 
2008-11-18
 
CVE-2008-5157

CWE-59
 

 
tau 2.16.4 allows local users to overwrite arbitrary files via a symlink attack on a (1) /tmp/makefile.tau.*.##### or (2) /tmp/makefile.tau*.##### temporary file, related to the (a) tau_cxx, (b) tau_f90, and (c) tau_cc scripts.

 


Copyright 2024, cxsecurity.com

 

Back to Top