Rapid7 Vulnerability & Exploit Database

RHSA-2010:0635: Red Hat High Performance Computing (HPC) Solution 5.5

Back to Search

RHSA-2010:0635: Red Hat High Performance Computing (HPC) Solution 5.5

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
05/27/2010
Created
07/25/2018
Added
08/30/2010
Modified
07/04/2017

Description

The Red Hat High Performance Computing (HPC) Solution version 5.5 for Red Hat Enterprise Linux 5.5, or RHHPC 5.5, is now available, fixing multiple security issues, multiple bugs, and adding several enhancements. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The Red Hat HPC Solution is a low-cost, end-to-end software stack for high performance computing. It provides all the tools needed to deploy, run, and manage an HPC cluster in one easy-to-install package. It is designed to power departmental clusters running industry-standard x86 64-bit hardware. This update introduces the Red Hat HPC Solution version 5.5 for Red Hat Enterprise Linux 5.5, RHHPC 5.5. (BZ#599419) RHHPC 5.5 changes include: * add-on kits updated according to the new upstream released version. * many bug fixes for PCM, and enhancements for image/diskless provisioning. The Cacti RRD graphing tool was updated to version 0.8.7g, fixing multiple security flaws: Multiple SQL injection flaws were discovered in Cacti. An unauthenticated, or authenticated user with certain administrative privileges, could use these flaws to execute arbitrary SQL queries. (CVE-2010-2092, CVE-2010-1431) Multiple command injection flaws were discovered in Cacti. An authenticated user with certain administrative privileges could use these flaws to execute arbitrary commands on the Cacti server with the privileges of the web server user. (CVE-2010-1645) Multiple cross-site scripting (XSS) flaws were discovered in Cacti. An unauthenticated, or authenticated user with certain administrative privileges, could perform an XSS attack against victims viewing Cacti web pages. (CVE-2009-4032, CVE-2010-1644, CVE-2010-2544, CVE-2010-2545) Users wanting to run the Red Hat HPC Solution on Red Hat Enterprise Linux 5.5 should install these packages.

Solution(s)

  • redhat-upgrade-blacs-mvapich1-gnu
  • redhat-upgrade-blacs-openmpi-gnu
  • redhat-upgrade-cacti
  • redhat-upgrade-component-base-installer
  • redhat-upgrade-component-base-node
  • redhat-upgrade-component-cacti
  • redhat-upgrade-component-ganglia-agent-v3_0
  • redhat-upgrade-component-ganglia-server-v3_0
  • redhat-upgrade-component-gnome-desktop
  • redhat-upgrade-component-icr-facilitator
  • redhat-upgrade-component-lava-compute-v1_0
  • redhat-upgrade-component-mvapich1-libraries
  • redhat-upgrade-component-nagios-installer-v2_12
  • redhat-upgrade-component-ntop-v3_3
  • redhat-upgrade-component-rhel-ofed
  • redhat-upgrade-component-rhel-ofed-devel
  • redhat-upgrade-environment-modules
  • redhat-upgrade-geoip
  • redhat-upgrade-geoip-devel
  • redhat-upgrade-initrd-templates
  • redhat-upgrade-iozone
  • redhat-upgrade-kit-base
  • redhat-upgrade-kit-cacti
  • redhat-upgrade-kit-ganglia
  • redhat-upgrade-kit-hpc
  • redhat-upgrade-kit-lava
  • redhat-upgrade-kit-nagios
  • redhat-upgrade-kit-ntop
  • redhat-upgrade-kit-rhel-ofed
  • redhat-upgrade-kit-rhel_java
  • redhat-upgrade-kusu-appglobals-tool
  • redhat-upgrade-kusu-autoinstall
  • redhat-upgrade-kusu-base-installer
  • redhat-upgrade-kusu-base-node
  • redhat-upgrade-kusu-boot
  • redhat-upgrade-kusu-buildkit
  • redhat-upgrade-kusu-core
  • redhat-upgrade-kusu-driverpatch
  • redhat-upgrade-kusu-hardware
  • redhat-upgrade-kusu-installer
  • redhat-upgrade-kusu-kitops
  • redhat-upgrade-kusu-md5crypt
  • redhat-upgrade-kusu-net-tool
  • redhat-upgrade-kusu-networktool
  • redhat-upgrade-kusu-nodeinstaller
  • redhat-upgrade-kusu-nodeinstaller-patchfiles
  • redhat-upgrade-kusu-path
  • redhat-upgrade-kusu-release
  • redhat-upgrade-kusu-repoman
  • redhat-upgrade-kusu-ui
  • redhat-upgrade-kusu-util
  • redhat-upgrade-lava
  • redhat-upgrade-lava-devel
  • redhat-upgrade-lava-master-config
  • redhat-upgrade-lava-static
  • redhat-upgrade-linpack-mvapich1-gnu
  • redhat-upgrade-linpack-openmpi-gnu
  • redhat-upgrade-nagios-plugins
  • redhat-upgrade-nagios-plugins-all
  • redhat-upgrade-nagios-plugins-apt
  • redhat-upgrade-nagios-plugins-breeze
  • redhat-upgrade-nagios-plugins-by_ssh
  • redhat-upgrade-nagios-plugins-cluster
  • redhat-upgrade-nagios-plugins-dhcp
  • redhat-upgrade-nagios-plugins-dig
  • redhat-upgrade-nagios-plugins-disk
  • redhat-upgrade-nagios-plugins-disk_smb
  • redhat-upgrade-nagios-plugins-dns
  • redhat-upgrade-nagios-plugins-dummy
  • redhat-upgrade-nagios-plugins-file_age
  • redhat-upgrade-nagios-plugins-flexlm
  • redhat-upgrade-nagios-plugins-fping
  • redhat-upgrade-nagios-plugins-hpjd
  • redhat-upgrade-nagios-plugins-http
  • redhat-upgrade-nagios-plugins-icmp
  • redhat-upgrade-nagios-plugins-ide_smart
  • redhat-upgrade-nagios-plugins-ifoperstatus
  • redhat-upgrade-nagios-plugins-ifstatus
  • redhat-upgrade-nagios-plugins-ircd
  • redhat-upgrade-nagios-plugins-ldap
  • redhat-upgrade-nagios-plugins-linux_raid
  • redhat-upgrade-nagios-plugins-load
  • redhat-upgrade-nagios-plugins-log
  • redhat-upgrade-nagios-plugins-mailq
  • redhat-upgrade-nagios-plugins-mrtg
  • redhat-upgrade-nagios-plugins-mrtgtraf
  • redhat-upgrade-nagios-plugins-mysql
  • redhat-upgrade-nagios-plugins-nagios
  • redhat-upgrade-nagios-plugins-nrpe
  • redhat-upgrade-nagios-plugins-nt
  • redhat-upgrade-nagios-plugins-ntp
  • redhat-upgrade-nagios-plugins-nwstat
  • redhat-upgrade-nagios-plugins-oracle
  • redhat-upgrade-nagios-plugins-overcr
  • redhat-upgrade-nagios-plugins-perl
  • redhat-upgrade-nagios-plugins-pgsql
  • redhat-upgrade-nagios-plugins-ping
  • redhat-upgrade-nagios-plugins-procs
  • redhat-upgrade-nagios-plugins-radius
  • redhat-upgrade-nagios-plugins-real
  • redhat-upgrade-nagios-plugins-rpc
  • redhat-upgrade-nagios-plugins-sensors
  • redhat-upgrade-nagios-plugins-smtp
  • redhat-upgrade-nagios-plugins-snmp
  • redhat-upgrade-nagios-plugins-ssh
  • redhat-upgrade-nagios-plugins-swap
  • redhat-upgrade-nagios-plugins-tcp
  • redhat-upgrade-nagios-plugins-time
  • redhat-upgrade-nagios-plugins-udp
  • redhat-upgrade-nagios-plugins-ups
  • redhat-upgrade-nagios-plugins-users
  • redhat-upgrade-nagios-plugins-wave
  • redhat-upgrade-netcdf
  • redhat-upgrade-netcdf-devel
  • redhat-upgrade-nrpe
  • redhat-upgrade-ntop
  • redhat-upgrade-pcm
  • redhat-upgrade-pcm-kit-base
  • redhat-upgrade-pcm-kit-hpc
  • redhat-upgrade-pcm-kit-ntop
  • redhat-upgrade-platform_mvapich
  • redhat-upgrade-primitive
  • redhat-upgrade-python-ipy
  • redhat-upgrade-python-psycopg2
  • redhat-upgrade-python-psycopg2-doc
  • redhat-upgrade-python-psycopg2-zope
  • redhat-upgrade-scalapack-mvapich1-gnu
  • redhat-upgrade-scalapack-openmpi-gnu

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;