Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    34 vulnerabilities found for condor by condor_project

    CVE-2012-5390 (GCVE-0-2012-5390)

    Vulnerability from nvd – Published: 2014-06-06 14:00 – Updated: 2024-08-06 21:05
    VLAI
    Summary
    The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://research.cs.wisc.edu/htcondor/security/vul… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/57328 vdb-entryx_refsource_BID
    http://secunia.com/advisories/51862 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2013-01-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:05:47.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
              },
              {
                "name": "57328",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/57328"
              },
              {
                "name": "51862",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/51862"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-01-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-06-06T13:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
            },
            {
              "name": "57328",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/57328"
            },
            {
              "name": "51862",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/51862"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-5390",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
                },
                {
                  "name": "57328",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/57328"
                },
                {
                  "name": "51862",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/51862"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-5390",
        "datePublished": "2014-06-06T14:00:00.000Z",
        "dateReserved": "2012-10-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:05:47.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4930 (GCVE-0-2011-4930)

    Vulnerability from nvd – Published: 2014-02-10 17:00 – Updated: 2024-08-07 00:23
    VLAI
    Summary
    Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-02-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:23:38.555Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
              },
              {
                "name": "RHSA-2012:0099",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
              },
              {
                "name": "RHSA-2012:0100",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-02-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-02-10T16:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
            },
            {
              "name": "RHSA-2012:0099",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
            },
            {
              "name": "RHSA-2012:0100",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-4930",
        "datePublished": "2014-02-10T17:00:00.000Z",
        "dateReserved": "2011-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:23:38.555Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4255 (GCVE-0-2013-4255)

    Vulnerability from nvd – Published: 2013-10-11 22:00 – Updated: 2024-08-06 16:38
    VLAI
    Summary
    The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:38:01.601Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2013:1172",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
              },
              {
                "name": "RHSA-2013:1171",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-11T22:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2013:1172",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
            },
            {
              "name": "RHSA-2013:1171",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4255",
        "datePublished": "2013-10-11T22:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:38:01.601Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-5136 (GCVE-0-2009-5136)

    Vulnerability from nvd – Published: 2013-10-11 22:00 – Updated: 2024-09-17 03:23
    VLAI
    Summary
    The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:32:23.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
              },
              {
                "name": "RHSA-2010:0773",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-11T22:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
            },
            {
              "name": "RHSA-2010:0773",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-5136",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001",
                  "refsource": "CONFIRM",
                  "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=540545",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
                },
                {
                  "name": "RHSA-2010:0773",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-5136",
        "datePublished": "2013-10-11T22:00:00.000Z",
        "dateReserved": "2013-10-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:23:50.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-4462 (GCVE-0-2012-4462)

    Vulnerability from nvd – Published: 2013-03-12 15:00 – Updated: 2024-08-06 20:35
    VLAI
    Summary
    aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:35:09.645Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
              },
              {
                "name": "RHSA-2013:0564",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
              },
              {
                "name": "RHSA-2013:0565",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-03-12T15:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
            },
            {
              "name": "RHSA-2013:0564",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
            },
            {
              "name": "RHSA-2013:0565",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-4462",
        "datePublished": "2013-03-12T15:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:35:09.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-5197 (GCVE-0-2012-5197)

    Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-09-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:58:03.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "condor-multiple-unspecified(78974)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-09-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "condor-multiple-unspecified(78974)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-5197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "condor-multiple-unspecified(78974)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-5197",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-09-28T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:58:03.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-5196 (GCVE-0-2012-5196)

    Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
    VLAI
    Summary
    Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-09-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:58:03.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "name": "condor-multiple-bo(78975)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-09-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "name": "condor-multiple-bo(78975)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-5196",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "condor-multiple-bo(78975)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-5196",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-09-28T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:58:03.213Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3493 (GCVE-0-2012-3493)

    Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:51
    VLAI
    Summary
    The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.645Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55632"
              },
              {
                "name": "RHSA-2012:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "name": "RHSA-2012:1281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
              },
              {
                "name": "50666",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50666"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
              },
              {
                "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-28T17:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55632"
            },
            {
              "name": "RHSA-2012:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "name": "RHSA-2012:1281",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
            },
            {
              "name": "50666",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50666"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
            },
            {
              "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3493",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "55632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55632"
                },
                {
                  "name": "RHSA-2012:1278",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "RHSA-2012:1281",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
                },
                {
                  "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972",
                  "refsource": "CONFIRM",
                  "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972"
                },
                {
                  "name": "50666",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50666"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=848222",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
                },
                {
                  "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3493",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:51:51.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3492 (GCVE-0-2012-3492)

    Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:24
    VLAI
    Summary
    The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.676Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55632"
              },
              {
                "name": "RHSA-2012:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
              },
              {
                "name": "RHSA-2012:1281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
              },
              {
                "name": "50666",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50666"
              },
              {
                "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-28T17:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55632"
            },
            {
              "name": "RHSA-2012:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
            },
            {
              "name": "RHSA-2012:1281",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
            },
            {
              "name": "50666",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50666"
            },
            {
              "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3492",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "55632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55632"
                },
                {
                  "name": "RHSA-2012:1278",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805",
                  "refsource": "CONFIRM",
                  "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805"
                },
                {
                  "name": "RHSA-2012:1281",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
                },
                {
                  "name": "50666",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50666"
                },
                {
                  "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3492",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:24:48.721Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3491 (GCVE-0-2012-3491)

    Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-09-16 23:55
    VLAI
    Summary
    src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.665Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
              },
              {
                "name": "55632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55632"
              },
              {
                "name": "RHSA-2012:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "name": "RHSA-2012:1281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
              },
              {
                "name": "50666",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50666"
              },
              {
                "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-28T17:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
            },
            {
              "name": "55632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55632"
            },
            {
              "name": "RHSA-2012:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "name": "RHSA-2012:1281",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
            },
            {
              "name": "50666",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50666"
            },
            {
              "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3491",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=848214",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
                },
                {
                  "name": "55632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55632"
                },
                {
                  "name": "RHSA-2012:1278",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "RHSA-2012:1281",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
                },
                {
                  "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40",
                  "refsource": "CONFIRM",
                  "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40"
                },
                {
                  "name": "50666",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50666"
                },
                {
                  "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3491",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:55:46.109Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3416 (GCVE-0-2012-3416)

    Vulnerability from nvd – Published: 2012-08-25 10:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://rhn.redhat.com/errata/RHSA-2012-1168.html vendor-advisoryx_refsource_REDHAT
    http://www.securitytracker.com/id?1027395 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/84766 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/50246 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/55032 vdb-entryx_refsource_BID
    http://secunia.com/advisories/50294 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2012-1169.html vendor-advisoryx_refsource_REDHAT
    http://research.cs.wisc.edu/condor/security/vulne… x_refsource_CONFIRM
    Date Public
    2012-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.446Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "condor-reverse-dns-security-bypass(77748)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77748"
              },
              {
                "name": "RHSA-2012:1168",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1168.html"
              },
              {
                "name": "1027395",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1027395"
              },
              {
                "name": "84766",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/84766"
              },
              {
                "name": "50246",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50246"
              },
              {
                "name": "55032",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55032"
              },
              {
                "name": "50294",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50294"
              },
              {
                "name": "RHSA-2012:1169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1169.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "condor-reverse-dns-security-bypass(77748)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77748"
            },
            {
              "name": "RHSA-2012:1168",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1168.html"
            },
            {
              "name": "1027395",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1027395"
            },
            {
              "name": "84766",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/84766"
            },
            {
              "name": "50246",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50246"
            },
            {
              "name": "55032",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55032"
            },
            {
              "name": "50294",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50294"
            },
            {
              "name": "RHSA-2012:1169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1169.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3416",
        "datePublished": "2012-08-25T10:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.446Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4133 (GCVE-0-2009-4133)

    Vulnerability from nvd – Published: 2009-12-23 18:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-12-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:09.951Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1689",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-1689.html"
              },
              {
                "name": "condor-jobs-security-bypass(54984)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"
              },
              {
                "name": "37766",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37766"
              },
              {
                "name": "RHSA-2009:1688",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-1688.html"
              },
              {
                "name": "1023378",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023378"
              },
              {
                "name": "37443",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37443"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544371"
              },
              {
                "name": "37803",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37803"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2009:1689",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1689.html"
            },
            {
              "name": "condor-jobs-security-bypass(54984)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"
            },
            {
              "name": "37766",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37766"
            },
            {
              "name": "RHSA-2009:1688",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1688.html"
            },
            {
              "name": "1023378",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023378"
            },
            {
              "name": "37443",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37443"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544371"
            },
            {
              "name": "37803",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37803"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2009-4133",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2009:1689",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-1689.html"
                },
                {
                  "name": "condor-jobs-security-bypass(54984)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"
                },
                {
                  "name": "37766",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37766"
                },
                {
                  "name": "RHSA-2009:1688",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-1688.html"
                },
                {
                  "name": "1023378",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023378"
                },
                {
                  "name": "37443",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37443"
                },
                {
                  "name": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018",
                  "refsource": "MISC",
                  "url": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"
                },
                {
                  "name": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=544371",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544371"
                },
                {
                  "name": "37803",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37803"
                },
                {
                  "name": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000",
                  "refsource": "CONFIRM",
                  "url": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-4133",
        "datePublished": "2009-12-23T18:00:00.000Z",
        "dateReserved": "2009-12-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:09.951Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3830 (GCVE-0-2008-3830)

    Vulnerability from nvd – Published: 2008-10-08 20:44 – Updated: 2024-08-07 09:53
    VLAI
    Summary
    Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stab… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1021002 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32232 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/32189 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31621 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/32193 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2008/2760 vdb-entryx_refsource_VUPEN
    Date Public
    2008-10-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:53:00.315Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
              },
              {
                "name": "1021002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021002"
              },
              {
                "name": "RHSA-2008:0924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
              },
              {
                "name": "32232",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32232"
              },
              {
                "name": "32189",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32189"
              },
              {
                "name": "31621",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31621"
              },
              {
                "name": "FEDORA-2008-8733",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
              },
              {
                "name": "32193",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32193"
              },
              {
                "name": "RHSA-2008:0911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
              },
              {
                "name": "ADV-2008-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2760"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-10T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
            },
            {
              "name": "1021002",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021002"
            },
            {
              "name": "RHSA-2008:0924",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
            },
            {
              "name": "32232",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32232"
            },
            {
              "name": "32189",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32189"
            },
            {
              "name": "31621",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31621"
            },
            {
              "name": "FEDORA-2008-8733",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
            },
            {
              "name": "32193",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32193"
            },
            {
              "name": "RHSA-2008:0911",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
            },
            {
              "name": "ADV-2008-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2760"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-3830",
        "datePublished": "2008-10-08T20:44:00.000Z",
        "dateReserved": "2008-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:53:00.315Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3829 (GCVE-0-2008-3829)

    Vulnerability from nvd – Published: 2008-10-08 20:44 – Updated: 2024-08-07 09:53
    VLAI
    Summary
    Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stab… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1021002 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32232 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/32189 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31621 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/32193 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2008/2760 vdb-entryx_refsource_VUPEN
    Date Public
    2008-10-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:53:00.143Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
              },
              {
                "name": "1021002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021002"
              },
              {
                "name": "RHSA-2008:0924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
              },
              {
                "name": "32232",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32232"
              },
              {
                "name": "32189",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32189"
              },
              {
                "name": "31621",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31621"
              },
              {
                "name": "FEDORA-2008-8733",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
              },
              {
                "name": "32193",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32193"
              },
              {
                "name": "RHSA-2008:0911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
              },
              {
                "name": "ADV-2008-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2760"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-10T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
            },
            {
              "name": "1021002",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021002"
            },
            {
              "name": "RHSA-2008:0924",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
            },
            {
              "name": "32232",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32232"
            },
            {
              "name": "32189",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32189"
            },
            {
              "name": "31621",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31621"
            },
            {
              "name": "FEDORA-2008-8733",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
            },
            {
              "name": "32193",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32193"
            },
            {
              "name": "RHSA-2008:0911",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
            },
            {
              "name": "ADV-2008-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2760"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-3829",
        "datePublished": "2008-10-08T20:44:00.000Z",
        "dateReserved": "2008-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:53:00.143Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3828 (GCVE-0-2008-3828)

    Vulnerability from nvd – Published: 2008-10-08 20:44 – Updated: 2024-08-07 09:53
    VLAI
    Summary
    Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stab… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1021002 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32232 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/32189 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31621 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/32193 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2008/2760 vdb-entryx_refsource_VUPEN
    Date Public
    2008-10-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:53:00.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
              },
              {
                "name": "1021002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021002"
              },
              {
                "name": "RHSA-2008:0924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
              },
              {
                "name": "32232",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32232"
              },
              {
                "name": "32189",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32189"
              },
              {
                "name": "31621",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31621"
              },
              {
                "name": "FEDORA-2008-8733",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
              },
              {
                "name": "32193",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32193"
              },
              {
                "name": "RHSA-2008:0911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
              },
              {
                "name": "ADV-2008-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2760"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-10T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
            },
            {
              "name": "1021002",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021002"
            },
            {
              "name": "RHSA-2008:0924",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
            },
            {
              "name": "32232",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32232"
            },
            {
              "name": "32189",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32189"
            },
            {
              "name": "31621",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31621"
            },
            {
              "name": "FEDORA-2008-8733",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
            },
            {
              "name": "32193",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32193"
            },
            {
              "name": "RHSA-2008:0911",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
            },
            {
              "name": "ADV-2008-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2760"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-3828",
        "datePublished": "2008-10-08T20:44:00.000Z",
        "dateReserved": "2008-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:53:00.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3826 (GCVE-0-2008-3826)

    Vulnerability from nvd – Published: 2008-10-08 20:44 – Updated: 2024-08-07 09:53
    VLAI
    Summary
    Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stab… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1021002 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32232 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/32189 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31621 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/32193 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2008/2760 vdb-entryx_refsource_VUPEN
    Date Public
    2008-10-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:53:00.388Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
              },
              {
                "name": "1021002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021002"
              },
              {
                "name": "RHSA-2008:0924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
              },
              {
                "name": "32232",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32232"
              },
              {
                "name": "32189",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32189"
              },
              {
                "name": "31621",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31621"
              },
              {
                "name": "FEDORA-2008-8733",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
              },
              {
                "name": "32193",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32193"
              },
              {
                "name": "RHSA-2008:0911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
              },
              {
                "name": "ADV-2008-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2760"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Condor before 7.0.5 allows attackers to execute jobs as other users via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-10T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
            },
            {
              "name": "1021002",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021002"
            },
            {
              "name": "RHSA-2008:0924",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
            },
            {
              "name": "32232",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32232"
            },
            {
              "name": "32189",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32189"
            },
            {
              "name": "31621",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31621"
            },
            {
              "name": "FEDORA-2008-8733",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
            },
            {
              "name": "32193",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32193"
            },
            {
              "name": "RHSA-2008:0911",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
            },
            {
              "name": "ADV-2008-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2760"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-3826",
        "datePublished": "2008-10-08T20:44:00.000Z",
        "dateReserved": "2008-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:53:00.388Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-5390 (GCVE-0-2012-5390)

    Vulnerability from cvelistv5 – Published: 2014-06-06 14:00 – Updated: 2024-08-06 21:05
    VLAI
    Summary
    The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://research.cs.wisc.edu/htcondor/security/vul… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/57328 vdb-entryx_refsource_BID
    http://secunia.com/advisories/51862 third-party-advisoryx_refsource_SECUNIA
    Date Public
    2013-01-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T21:05:47.238Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
              },
              {
                "name": "57328",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/57328"
              },
              {
                "name": "51862",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/51862"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-01-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-06-06T13:57:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
            },
            {
              "name": "57328",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/57328"
            },
            {
              "name": "51862",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/51862"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-5390",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
                },
                {
                  "name": "57328",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/57328"
                },
                {
                  "name": "51862",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/51862"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-5390",
        "datePublished": "2014-06-06T14:00:00.000Z",
        "dateReserved": "2012-10-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T21:05:47.238Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4930 (GCVE-0-2011-4930)

    Vulnerability from cvelistv5 – Published: 2014-02-10 17:00 – Updated: 2024-08-07 00:23
    VLAI
    Summary
    Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-02-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:23:38.555Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
              },
              {
                "name": "RHSA-2012:0099",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
              },
              {
                "name": "RHSA-2012:0100",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-02-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2014-02-10T16:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
            },
            {
              "name": "RHSA-2012:0099",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
            },
            {
              "name": "RHSA-2012:0100",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-4930",
        "datePublished": "2014-02-10T17:00:00.000Z",
        "dateReserved": "2011-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:23:38.555Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-5136 (GCVE-0-2009-5136)

    Vulnerability from cvelistv5 – Published: 2013-10-11 22:00 – Updated: 2024-09-17 03:23
    VLAI
    Summary
    The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T07:32:23.810Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
              },
              {
                "name": "RHSA-2010:0773",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-11T22:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
            },
            {
              "name": "RHSA-2010:0773",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2009-5136",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001",
                  "refsource": "CONFIRM",
                  "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=540545",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
                },
                {
                  "name": "RHSA-2010:0773",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2009-5136",
        "datePublished": "2013-10-11T22:00:00.000Z",
        "dateReserved": "2013-10-11T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:23:50.691Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4255 (GCVE-0-2013-4255)

    Vulnerability from cvelistv5 – Published: 2013-10-11 22:00 – Updated: 2024-08-06 16:38
    VLAI
    Summary
    The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:38:01.601Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2013:1172",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
              },
              {
                "name": "RHSA-2013:1171",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-10-11T22:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2013:1172",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
            },
            {
              "name": "RHSA-2013:1171",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4255",
        "datePublished": "2013-10-11T22:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:38:01.601Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-4462 (GCVE-0-2012-4462)

    Vulnerability from cvelistv5 – Published: 2013-03-12 15:00 – Updated: 2024-08-06 20:35
    VLAI
    Summary
    aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:35:09.645Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
              },
              {
                "name": "RHSA-2013:0564",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
              },
              {
                "name": "RHSA-2013:0565",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2013-03-12T15:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
            },
            {
              "name": "RHSA-2013:0564",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
            },
            {
              "name": "RHSA-2013:0565",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-4462",
        "datePublished": "2013-03-12T15:00:00.000Z",
        "dateReserved": "2012-08-21T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:35:09.645Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3491 (GCVE-0-2012-3491)

    Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-09-16 23:55
    VLAI
    Summary
    src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.665Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
              },
              {
                "name": "55632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55632"
              },
              {
                "name": "RHSA-2012:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "name": "RHSA-2012:1281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
              },
              {
                "name": "50666",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50666"
              },
              {
                "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-28T17:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
            },
            {
              "name": "55632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55632"
            },
            {
              "name": "RHSA-2012:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "name": "RHSA-2012:1281",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
            },
            {
              "name": "50666",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50666"
            },
            {
              "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3491",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=848214",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
                },
                {
                  "name": "55632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55632"
                },
                {
                  "name": "RHSA-2012:1278",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "RHSA-2012:1281",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
                },
                {
                  "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40",
                  "refsource": "CONFIRM",
                  "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40"
                },
                {
                  "name": "50666",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50666"
                },
                {
                  "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3491",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:55:46.109Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3492 (GCVE-0-2012-3492)

    Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:24
    VLAI
    Summary
    The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.676Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55632"
              },
              {
                "name": "RHSA-2012:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
              },
              {
                "name": "RHSA-2012:1281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
              },
              {
                "name": "50666",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50666"
              },
              {
                "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-28T17:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55632"
            },
            {
              "name": "RHSA-2012:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
            },
            {
              "name": "RHSA-2012:1281",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
            },
            {
              "name": "50666",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50666"
            },
            {
              "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3492",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "55632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55632"
                },
                {
                  "name": "RHSA-2012:1278",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805",
                  "refsource": "CONFIRM",
                  "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805"
                },
                {
                  "name": "RHSA-2012:1281",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
                },
                {
                  "name": "50666",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50666"
                },
                {
                  "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3492",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:24:48.721Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-5197 (GCVE-0-2012-5197)

    Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
    VLAI
    Summary
    Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-09-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:58:03.181Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "condor-multiple-unspecified(78974)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-09-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "condor-multiple-unspecified(78974)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-5197",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "condor-multiple-unspecified(78974)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-5197",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-09-28T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:58:03.181Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3493 (GCVE-0-2012-3493)

    Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:51
    VLAI
    Summary
    The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.645Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55632"
              },
              {
                "name": "RHSA-2012:1278",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "name": "RHSA-2012:1281",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
              },
              {
                "name": "50666",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50666"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
              },
              {
                "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-09-28T17:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55632"
            },
            {
              "name": "RHSA-2012:1278",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "name": "RHSA-2012:1281",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
            },
            {
              "name": "50666",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50666"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
            },
            {
              "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2012-3493",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "55632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/55632"
                },
                {
                  "name": "RHSA-2012:1278",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "RHSA-2012:1281",
                  "refsource": "REDHAT",
                  "url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
                },
                {
                  "name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972",
                  "refsource": "CONFIRM",
                  "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972"
                },
                {
                  "name": "50666",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/50666"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=848222",
                  "refsource": "MISC",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
                },
                {
                  "name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
                  "refsource": "MLIST",
                  "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3493",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-09-16T22:51:51.036Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-5196 (GCVE-0-2012-5196)

    Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
    VLAI
    Summary
    Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2012-09-19 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:58:03.213Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
              },
              {
                "name": "condor-multiple-bo(78975)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-09-19T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
            },
            {
              "name": "condor-multiple-bo(78975)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2012-5196",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
                },
                {
                  "name": "condor-multiple-bo(78975)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
                },
                {
                  "name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
                  "refsource": "CONFIRM",
                  "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2012-5196",
        "datePublished": "2012-09-28T17:00:00.000Z",
        "dateReserved": "2012-09-28T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:58:03.213Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-3416 (GCVE-0-2012-3416)

    Vulnerability from cvelistv5 – Published: 2012-08-25 10:00 – Updated: 2024-08-06 20:05
    VLAI
    Summary
    Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    http://rhn.redhat.com/errata/RHSA-2012-1168.html vendor-advisoryx_refsource_REDHAT
    http://www.securitytracker.com/id?1027395 vdb-entryx_refsource_SECTRACK
    http://osvdb.org/84766 vdb-entryx_refsource_OSVDB
    http://secunia.com/advisories/50246 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/55032 vdb-entryx_refsource_BID
    http://secunia.com/advisories/50294 third-party-advisoryx_refsource_SECUNIA
    http://rhn.redhat.com/errata/RHSA-2012-1169.html vendor-advisoryx_refsource_REDHAT
    http://research.cs.wisc.edu/condor/security/vulne… x_refsource_CONFIRM
    Date Public
    2012-08-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T20:05:12.446Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "condor-reverse-dns-security-bypass(77748)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77748"
              },
              {
                "name": "RHSA-2012:1168",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1168.html"
              },
              {
                "name": "1027395",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1027395"
              },
              {
                "name": "84766",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/84766"
              },
              {
                "name": "50246",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50246"
              },
              {
                "name": "55032",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/55032"
              },
              {
                "name": "50294",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/50294"
              },
              {
                "name": "RHSA-2012:1169",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://rhn.redhat.com/errata/RHSA-2012-1169.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-08-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-28T12:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "condor-reverse-dns-security-bypass(77748)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77748"
            },
            {
              "name": "RHSA-2012:1168",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1168.html"
            },
            {
              "name": "1027395",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1027395"
            },
            {
              "name": "84766",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/84766"
            },
            {
              "name": "50246",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50246"
            },
            {
              "name": "55032",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/55032"
            },
            {
              "name": "50294",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/50294"
            },
            {
              "name": "RHSA-2012:1169",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2012-1169.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2012-3416",
        "datePublished": "2012-08-25T10:00:00.000Z",
        "dateReserved": "2012-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-06T20:05:12.446Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2009-4133 (GCVE-0-2009-4133)

    Vulnerability from cvelistv5 – Published: 2009-12-23 18:00 – Updated: 2024-08-07 06:54
    VLAI
    Summary
    Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2009-12-21 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T06:54:09.951Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "RHSA-2009:1689",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-1689.html"
              },
              {
                "name": "condor-jobs-security-bypass(54984)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"
              },
              {
                "name": "37766",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37766"
              },
              {
                "name": "RHSA-2009:1688",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2009-1688.html"
              },
              {
                "name": "1023378",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1023378"
              },
              {
                "name": "37443",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/37443"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544371"
              },
              {
                "name": "37803",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/37803"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2009-12-21T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-08-16T14:57:01.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "RHSA-2009:1689",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1689.html"
            },
            {
              "name": "condor-jobs-security-bypass(54984)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"
            },
            {
              "name": "37766",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37766"
            },
            {
              "name": "RHSA-2009:1688",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2009-1688.html"
            },
            {
              "name": "1023378",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1023378"
            },
            {
              "name": "37443",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/37443"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544371"
            },
            {
              "name": "37803",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/37803"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert@redhat.com",
              "ID": "CVE-2009-4133",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "RHSA-2009:1689",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-1689.html"
                },
                {
                  "name": "condor-jobs-security-bypass(54984)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"
                },
                {
                  "name": "37766",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37766"
                },
                {
                  "name": "RHSA-2009:1688",
                  "refsource": "REDHAT",
                  "url": "http://www.redhat.com/support/errata/RHSA-2009-1688.html"
                },
                {
                  "name": "1023378",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1023378"
                },
                {
                  "name": "37443",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/37443"
                },
                {
                  "name": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018",
                  "refsource": "MISC",
                  "url": "http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"
                },
                {
                  "name": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"
                },
                {
                  "name": "https://bugzilla.redhat.com/show_bug.cgi?id=544371",
                  "refsource": "CONFIRM",
                  "url": "https://bugzilla.redhat.com/show_bug.cgi?id=544371"
                },
                {
                  "name": "37803",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/37803"
                },
                {
                  "name": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000",
                  "refsource": "CONFIRM",
                  "url": "http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2009-4133",
        "datePublished": "2009-12-23T18:00:00.000Z",
        "dateReserved": "2009-12-01T00:00:00.000Z",
        "dateUpdated": "2024-08-07T06:54:09.951Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3828 (GCVE-0-2008-3828)

    Vulnerability from cvelistv5 – Published: 2008-10-08 20:44 – Updated: 2024-08-07 09:53
    VLAI
    Summary
    Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stab… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1021002 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32232 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/32189 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31621 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/32193 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2008/2760 vdb-entryx_refsource_VUPEN
    Date Public
    2008-10-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:53:00.405Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
              },
              {
                "name": "1021002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021002"
              },
              {
                "name": "RHSA-2008:0924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
              },
              {
                "name": "32232",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32232"
              },
              {
                "name": "32189",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32189"
              },
              {
                "name": "31621",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31621"
              },
              {
                "name": "FEDORA-2008-8733",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
              },
              {
                "name": "32193",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32193"
              },
              {
                "name": "RHSA-2008:0911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
              },
              {
                "name": "ADV-2008-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2760"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Stack-based buffer overflow in the condor_ schedd daemon in Condor before 7.0.5 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-10T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
            },
            {
              "name": "1021002",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021002"
            },
            {
              "name": "RHSA-2008:0924",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
            },
            {
              "name": "32232",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32232"
            },
            {
              "name": "32189",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32189"
            },
            {
              "name": "31621",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31621"
            },
            {
              "name": "FEDORA-2008-8733",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
            },
            {
              "name": "32193",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32193"
            },
            {
              "name": "RHSA-2008:0911",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
            },
            {
              "name": "ADV-2008-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2760"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-3828",
        "datePublished": "2008-10-08T20:44:00.000Z",
        "dateReserved": "2008-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:53:00.405Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3830 (GCVE-0-2008-3830)

    Vulnerability from cvelistv5 – Published: 2008-10-08 20:44 – Updated: 2024-08-07 09:53
    VLAI
    Summary
    Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stab… x_refsource_CONFIRM
    http://www.securitytracker.com/id?1021002 vdb-entryx_refsource_SECTRACK
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://secunia.com/advisories/32232 third-party-advisoryx_refsource_SECUNIA
    http://secunia.com/advisories/32189 third-party-advisoryx_refsource_SECUNIA
    http://www.securityfocus.com/bid/31621 vdb-entryx_refsource_BID
    https://www.redhat.com/archives/fedora-package-an… vendor-advisoryx_refsource_FEDORA
    http://secunia.com/advisories/32193 third-party-advisoryx_refsource_SECUNIA
    http://www.redhat.com/support/errata/RHSA-2008-09… vendor-advisoryx_refsource_REDHAT
    http://www.vupen.com/english/advisories/2008/2760 vdb-entryx_refsource_VUPEN
    Date Public
    2008-10-08 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:53:00.315Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
              },
              {
                "name": "1021002",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1021002"
              },
              {
                "name": "RHSA-2008:0924",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
              },
              {
                "name": "32232",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32232"
              },
              {
                "name": "32189",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32189"
              },
              {
                "name": "31621",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/31621"
              },
              {
                "name": "FEDORA-2008-8733",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
              },
              {
                "name": "32193",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/32193"
              },
              {
                "name": "RHSA-2008:0911",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
                  "x_transferred"
                ],
                "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
              },
              {
                "name": "ADV-2008-2760",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2008/2760"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-10-08T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2009-02-10T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"
            },
            {
              "name": "1021002",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1021002"
            },
            {
              "name": "RHSA-2008:0924",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"
            },
            {
              "name": "32232",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32232"
            },
            {
              "name": "32189",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32189"
            },
            {
              "name": "31621",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/31621"
            },
            {
              "name": "FEDORA-2008-8733",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"
            },
            {
              "name": "32193",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/32193"
            },
            {
              "name": "RHSA-2008:0911",
              "tags": [
                "vendor-advisory",
                "x_refsource_REDHAT"
              ],
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"
            },
            {
              "name": "ADV-2008-2760",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2008/2760"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2008-3830",
        "datePublished": "2008-10-08T20:44:00.000Z",
        "dateReserved": "2008-08-27T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:53:00.315Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }