[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 6066 Download | Alert*

In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user.

In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file.

Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose private files owned by the user running the MapReduce job history server process. The malicious user can construct a configuration file containing XML directives that reference sensitive files on the MapReduce job history server host.

The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications.

Apache Software Foundation Hadoop 2.2.0

Apache Software Foundation Hadoop 2.3.0

Apache Software Foundation Hadoop 2.4.0

Apache Software Foundation Hadoop 2.4.1

Apache Software Foundation Hadoop 2.5.0

Apache Software Foundation Hadoop 2.5.1

Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   606

© SecPod Technologies