Ransomware Considerations for HPC and Supercomputers
Ransomware and HPC: HPCsec looks at some key considerations for protecting your HPC environment and supercomputers from ransomware
John
BeeGFS Security
Guidance on securing a BeeGFS installation.
So you bought a HPE Cray EX supercomputer… What does this mean when it comes to security?
We take a look at the HPE Cray EX supercomputer platform from a security perspective.
Multiple IBM Spectrum LSF Authentication Vulnerabilities (Eauth) (CVE-2020-4983)
CVE: CVE-2020-4983
Severity: CVSS 9.6 (Critical)
Severity: CVSS 9.6 (Critical)
This advisory details two closely related vulnerabilities affecting versions of Spectrum LSF which can allow an adversary to gain root access to a cluster.
Spectrum Scale Exploit Analysis
Exploit code enabling a user to gain root access to a system running vulnerable versions of Spectrum Scale (GPFS) surfaced online. We've undertaken an analysis of this exploit code and written a safe script that you can use to check if your Spectrum Scale installation is vulnerable as well as some best practice advice for securing your installation.
Websphere, IIOP and Spectrum Scale GUI
HPCsec took a look at whether the recent critical vulnerabilities in IBM Websphere (CVE-2020-4448 + CVE-2020-4450) affect Spectrum Scale GUI users
Incorporating Security into your Next HPC Procurement v1.1
What security questions should you be asking during your next HPC/Supercomputer procurement?
BeeGFS Privilege Escalation (CVE-2019-15897)
A vulnerability exists in a default
installation of BeeGFS which allows users to perform operations which allow them to elevate their privileges and become root. This is due to a failure to properly authenticate a user when performing filesystem operations.
Sudo Vulnerability (CVE-2019-14287) Worked Example
CVE-2019-14287 is a vulnerability affecting versions of sudo < 1.8.28 which can allow users with sudo privileges to circumvent restrictions and become root.
This post is a worked example of exploiting this vulnerability.
This post is a worked example of exploiting this vulnerability.
PBS Professional MoM Authentication Bypass (CVE-2019-15719)
HPCsec have identified a vulnerability in PBS Pro which allows for arbitrary code execution on any node running the pbs_mom service. This vulnerability can be exploited by anyone in a position to communicate with the pbs_mom service from an authorized node within the cluster. Exploitation of this issue allows for arbitrary code execution as any other user including as root, even in installations where root is not permitted to submit jobs.