Search criteria
51 vulnerabilities found for condor by condor_project
FKIE_CVE-2012-5390
Vulnerability from fkie_nvd - Published: 2014-06-06 14:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.9.0 | |
| condor_project | condor | 7.8.0 | |
| condor_project | condor | 7.8.1 | |
| condor_project | condor | 7.8.2 | |
| condor_project | condor | 7.8.3 | |
| condor_project | condor | 7.8.4 | |
| condor_project | condor | 7.7.3 | |
| condor_project | condor | 7.7.4 | |
| condor_project | condor | 7.7.5 | |
| condor_project | condor | 7.7.6 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12276DD9-6777-453A-8246-152CE4C8FCD1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0A997604-130B-469F-A150-B96FE1F3942D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.7.3:*:*:*:*:*:*:*",
"matchCriteriaId": "7E2F6B46-B99F-4832-95A5-9F758DC56010",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.7.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2C37E677-EA9D-4D31-9D6A-24501E51FCC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.7.5:*:*:*:*:*:*:*",
"matchCriteriaId": "A0E78B62-0DD3-4953-AB95-6880ED7A60DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.7.6:*:*:*:*:*:*:*",
"matchCriteriaId": "A3318A37-27D8-4D12-B59E-FF5ED12953FC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
},
{
"lang": "es",
"value": "El componente Standard Universe Shadow (condor_shadow.std) en Condor 7.7.3 hasta 7.7.6, 7.8.0 anterior a 7.8.5 y 7.9.0 no comprueba debidamente los privilegios, lo que permite a atacantes remotos ganar privilegios a trav\u00e9s de un Standard Universe Job manipulado."
}
],
"id": "CVE-2012-5390",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-06-06T14:55:03.370",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/51862"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/57328"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/51862"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/57328"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2011-4930
Vulnerability from fkie_nvd - Published: 2014-02-10 18:15 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.2.0 | |
| condor_project | condor | 7.2.1 | |
| condor_project | condor | 7.2.2 | |
| condor_project | condor | 7.2.3 | |
| condor_project | condor | 7.2.4 | |
| condor_project | condor | 7.2.5 | |
| condor_project | condor | 7.3.0 | |
| condor_project | condor | 7.3.1 | |
| condor_project | condor | 7.3.2 | |
| condor_project | condor | 7.4.0 | |
| condor_project | condor | 7.4.1 | |
| condor_project | condor | 7.4.2 | |
| condor_project | condor | 7.5.4 | |
| condor_project | condor | 7.6.0 | |
| condor_project | condor | 7.6.1 | |
| condor_project | condor | 7.6.2 | |
| condor_project | condor | 7.6.3 | |
| condor_project | condor | 7.6.4 | |
| fedoraproject | fedora | 15 | |
| fedoraproject | fedora | 16 | |
| redhat | enterprise_mrg | 1.3 | |
| redhat | enterprise_mrg | 2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FE91D459-EF92-430A-98E8-1131D8BD8682",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "E0C54D26-9124-49E6-8EBA-00AE0640633A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4F3AD33E-A617-4C13-8858-7DCEDE3FDC87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "C66F0D08-3AE5-482A-B6AD-717475EB2D9C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "FDAC286B-A140-44E8-9B29-60B96A6B4555",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "14883865-8C31-4D40-B969-D61FE18920C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "2F44106D-CD31-4FF2-A589-A7A7492FC0CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D973598A-90C0-4AE0-A047-17866BD6DC46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "05A424B0-D3AF-4AF6-8575-4AD6B8E91E51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AA2890-BEC9-4AD6-AF74-6EC810E22AEF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "68301687-793B-4A68-B1FB-A2B941A230C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "55E4CE41-D1AF-4187-AA26-FCDEA2F52E0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8464E672-FEB8-4EC2-97EA-D6615DB22F28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*",
"matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*",
"matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "60D3DD4A-2984-4929-BF6A-30B8CE9B2974",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de cadena de formato en Condor 7.2.0 hasta 7.6.4 y posiblemente ciertas versiones 7.7.x, como las utilizadas en Red Hat MRG Grid y posiblemente otros productos, permiten a usuarios locales causar una denegaci\u00f3n de servicio (demonio condor_schedd y fallo en el lanzamiento de trabajos) y posiblemente ejecutar c\u00f3digo arbitrario a trav\u00e9s de una cadena de especificadores de formato en (1) la raz\u00f3n de un retraso en un trabajo que utiliza un registro de usuario XML, (2) el nombre de un archivo pendiente de transferir y posiblemente otros vectores no especificados."
}
],
"id": "CVE-2011-4930",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-02-10T18:15:09.310",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-134"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-4255
Vulnerability from fkie_nvd - Published: 2013-10-11 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | * | |
| condor_project | condor | 7.5.4 | |
| redhat | enterprise_mrg | 2.0 | |
| redhat | enterprise_mrg | 2.1 | |
| redhat | enterprise_mrg | 2.2 | |
| redhat | enterprise_mrg | 2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8AE7A59E-1CF0-4DE8-84ED-5B6434C86574",
"versionEndIncluding": "8.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "8464E672-FEB8-4EC2-97EA-D6615DB22F28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "CE2A5DA2-081C-4524-AE73-F9EFB23B412A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "87927ABB-0BDC-493C-B4F4-E979B03DAC18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15856E6B-7BF3-4377-8708-574F3F7334D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
},
{
"lang": "es",
"value": "La pol\u00edtica de definici\u00f3n evaluadora en Condor 7.5.4, 8.0.0, y versiones anteriores no trata correctamente los atributos de una (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, o (5) KILL pol\u00edtica que evalua un estado No Configurado, Indefinido o estado de error, lo que permite a los usuarios remotos autenticados causar una denegaci\u00f3n de servicio (salida condor_startd) a trav\u00e9s de un trabajo manipulad"
}
],
"id": "CVE-2013-4255",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-11T22:55:39.910",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2009-5136
Vulnerability from fkie_nvd - Published: 2013-10-11 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | * | |
| condor_project | condor | 7.4.0 | |
| redhat | enterprise_mrg | 1.0 | |
| redhat | enterprise_mrg | 1.0.1 | |
| redhat | enterprise_mrg | 1.0.2 | |
| redhat | enterprise_mrg | 1.0.3 | |
| redhat | enterprise_mrg | 1.1.1 | |
| redhat | enterprise_mrg | 1.1.2 | |
| redhat | enterprise_mrg | 1.2 | |
| redhat | enterprise_mrg | 1.2.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACDEB31F-4DF7-4639-A1E7-6BAAB4CA7303",
"versionEndIncluding": "7.4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B7AA2890-BEC9-4AD6-AF74-6EC810E22AEF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "CB4E172C-4FBD-40AA-91F1-2858A74C5483",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E8A4D28-0EC4-4584-9126-A47003CD06AE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12EE56E2-D7B7-4BF6-BC1F-86B8EE77F064",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5F9A3A7B-4A61-4F2C-A8F9-D428B690294E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "73C6E954-7BBE-4214-9407-86322372FCB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "ED639614-7AE8-4DDE-9FE3-1554FE59202C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FD09E081-B714-45A1-ACBB-28D805BFD01C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "FBC7F3E0-9E2A-4FBF-A4E5-9CCBC8D4C7CC",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
},
{
"lang": "es",
"value": "La pol\u00edtica de definici\u00f3n evaluadora en Condor anterior a la versi\u00f3n 7.4.2 no maneja adecuadamente atributos en una pol\u00edtica WANT_SUSPEND que da como resultado un estado UNDEFINIED, lo que permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (condor_startd exit) a trav\u00e9s de un trabajo manipulado."
}
],
"id": "CVE-2009-5136",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-10-11T22:55:35.910",
"references": [
{
"source": "cve@mitre.org",
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"source": "cve@mitre.org",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-4462
Vulnerability from fkie_nvd - Published: 2013-03-14 03:10 - Updated: 2025-04-11 00:51
Severity ?
Summary
aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.8.0 | |
| redhat | enterprise_mrg | 2.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "15856E6B-7BF3-4377-8708-574F3F7334D2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option."
},
{
"lang": "es",
"value": "aviary/jobcontrol.py de Condor, es usado en Red Hat Enterprise MRG v2.3, cuando se eliminan tareas, permite a atacantes remotos causar una denegaci\u00f3n de servicios (condor_schedd reinicio) a trav\u00e9s de corchetes en la opci\u00f3n cproc."
}
],
"id": "CVE-2012-4462",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2013-03-14T03:10:23.503",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
},
{
"source": "secalert@redhat.com",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
},
{
"source": "secalert@redhat.com",
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-5196
Vulnerability from fkie_nvd - Published: 2012-09-28 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.6.0 | |
| condor_project | condor | 7.6.1 | |
| condor_project | condor | 7.6.2 | |
| condor_project | condor | 7.6.3 | |
| condor_project | condor | 7.6.4 | |
| condor_project | condor | 7.6.5 | |
| condor_project | condor | 7.6.6 | |
| condor_project | condor | 7.6.7 | |
| condor_project | condor | 7.6.8 | |
| condor_project | condor | 7.6.9 | |
| condor_project | condor | 7.8.0 | |
| condor_project | condor | 7.8.1 | |
| condor_project | condor | 7.8.2 | |
| condor_project | condor | 7.8.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A6DF33-B8D9-41DA-8620-5C93813E7971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA2856A-EE5A-4E64-BF4B-2101D782B2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2E93D-5983-4F40-AE61-B299FFB84E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDBB354-1B7E-43D1-B23F-35309272A37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B660525B-3A88-4AF2-86E6-B8E93B65DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer en Condor v7.6.x antes de v7.6.10 y v7.8.x antes de v7.8.4 tienen un impacto y vectores de ataque desconocidos."
}
],
"id": "CVE-2012-5196",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-28T17:55:01.413",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-5197
Vulnerability from fkie_nvd - Published: 2012-09-28 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.6.0 | |
| condor_project | condor | 7.6.1 | |
| condor_project | condor | 7.6.2 | |
| condor_project | condor | 7.6.3 | |
| condor_project | condor | 7.6.4 | |
| condor_project | condor | 7.6.5 | |
| condor_project | condor | 7.6.6 | |
| condor_project | condor | 7.6.7 | |
| condor_project | condor | 7.6.8 | |
| condor_project | condor | 7.6.9 | |
| condor_project | condor | 7.8.0 | |
| condor_project | condor | 7.8.1 | |
| condor_project | condor | 7.8.2 | |
| condor_project | condor | 7.8.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A6DF33-B8D9-41DA-8620-5C93813E7971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA2856A-EE5A-4E64-BF4B-2101D782B2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2E93D-5983-4F40-AE61-B299FFB84E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDBB354-1B7E-43D1-B23F-35309272A37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B660525B-3A88-4AF2-86E6-B8E93B65DF61",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Condor v7.6.x antes de v7.6.10 y v7.8.x antes de v7.8.4 tienen vectores de ataque desconocidos y un impacto relacionado con \"la comprobaci\u00f3n de errores de llamadas al sistema.\""
}
],
"id": "CVE-2012-5197",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-28T17:55:01.443",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-3492
Vulnerability from fkie_nvd - Published: 2012-09-28 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.6.0 | |
| condor_project | condor | 7.6.1 | |
| condor_project | condor | 7.6.2 | |
| condor_project | condor | 7.6.3 | |
| condor_project | condor | 7.6.4 | |
| condor_project | condor | 7.6.5 | |
| condor_project | condor | 7.6.6 | |
| condor_project | condor | 7.6.7 | |
| condor_project | condor | 7.6.8 | |
| condor_project | condor | 7.6.9 | |
| condor_project | condor | 7.8.0 | |
| condor_project | condor | 7.8.1 | |
| condor_project | condor | 7.8.2 | |
| condor_project | condor | 7.8.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A6DF33-B8D9-41DA-8620-5C93813E7971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA2856A-EE5A-4E64-BF4B-2101D782B2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2E93D-5983-4F40-AE61-B299FFB84E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDBB354-1B7E-43D1-B23F-35309272A37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B660525B-3A88-4AF2-86E6-B8E93B65DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
},
{
"lang": "es",
"value": "La autenticaci\u00f3n de sistema de archivos (condor_io/condor_auth_fs.cpp) en Condor v7.6.x antes de v7.6.10 y v7.8.x antes de v7.8.4 utiliza directorios de autenticaci\u00f3n, incluso cuando tienen permisos d\u00e9biles, lo que permite a atacantes remotos suplantar a los usuarios mediante el renombreado de los directorios de los usuarios."
}
],
"id": "CVE-2012-3492",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-28T17:55:01.303",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
},
{
"source": "secalert@redhat.com",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "secalert@redhat.com",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50666"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-3493
Vulnerability from fkie_nvd - Published: 2012-09-28 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.6.0 | |
| condor_project | condor | 7.6.1 | |
| condor_project | condor | 7.6.2 | |
| condor_project | condor | 7.6.3 | |
| condor_project | condor | 7.6.4 | |
| condor_project | condor | 7.6.5 | |
| condor_project | condor | 7.6.6 | |
| condor_project | condor | 7.6.7 | |
| condor_project | condor | 7.6.8 | |
| condor_project | condor | 7.6.9 | |
| condor_project | condor | 7.8.0 | |
| condor_project | condor | 7.8.1 | |
| condor_project | condor | 7.8.2 | |
| condor_project | condor | 7.8.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A6DF33-B8D9-41DA-8620-5C93813E7971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA2856A-EE5A-4E64-BF4B-2101D782B2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2E93D-5983-4F40-AE61-B299FFB84E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDBB354-1B7E-43D1-B23F-35309272A37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B660525B-3A88-4AF2-86E6-B8E93B65DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
},
{
"lang": "es",
"value": "La funci\u00f3n command_give_request_ad en condor_startd.V6/command.cpp en Condor v7.6.x antes de v7.6.10 y v7.8.x antes de v7.8.4 permite a atacantes remotos obtener informaci\u00f3n sensible y posiblemente controlar o iniciar trabajos (jobs) de su elecci\u00f3n a trav\u00e9s de una solicitud ClassAd al puerto condor_startd, lo provoca una fuga del ClaimID."
}
],
"id": "CVE-2012-3493",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-28T17:55:01.350",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
},
{
"source": "secalert@redhat.com",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "secalert@redhat.com",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50666"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2012-3491
Vulnerability from fkie_nvd - Published: 2012-09-28 17:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| condor_project | condor | 7.6.0 | |
| condor_project | condor | 7.6.1 | |
| condor_project | condor | 7.6.2 | |
| condor_project | condor | 7.6.3 | |
| condor_project | condor | 7.6.4 | |
| condor_project | condor | 7.6.5 | |
| condor_project | condor | 7.6.6 | |
| condor_project | condor | 7.6.7 | |
| condor_project | condor | 7.6.8 | |
| condor_project | condor | 7.6.9 | |
| condor_project | condor | 7.8.0 | |
| condor_project | condor | 7.8.1 | |
| condor_project | condor | 7.8.2 | |
| condor_project | condor | 7.8.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
"matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "E4A6DF33-B8D9-41DA-8620-5C93813E7971",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.6:*:*:*:*:*:*:*",
"matchCriteriaId": "1DA2856A-EE5A-4E64-BF4B-2101D782B2A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.7:*:*:*:*:*:*:*",
"matchCriteriaId": "59C2E93D-5983-4F40-AE61-B299FFB84E47",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.8:*:*:*:*:*:*:*",
"matchCriteriaId": "5EDBB354-1B7E-43D1-B23F-35309272A37A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.6.9:*:*:*:*:*:*:*",
"matchCriteriaId": "B660525B-3A88-4AF2-86E6-B8E93B65DF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6A1C1780-D08E-4E91-9379-CC6070360859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AD6855FF-3285-48CA-951B-7B2CD53CCB16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.2:*:*:*:*:*:*:*",
"matchCriteriaId": "536EBEBB-3957-4080-84D8-AC77A1452F2A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:condor_project:condor:7.8.3:*:*:*:*:*:*:*",
"matchCriteriaId": "31EC8BC4-F8F8-41E5-A823-D640B2719554",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
},
{
"lang": "es",
"value": "src/condor_schedd.V6/schedd.cpp en Condor v7.6.x antes de v7.6.10 y v7.8.x antes de v7.8.4 no comprueba correctamente los permisos de los trabajos (jobs), lo que permite a usuarios remotos autenticados, eliminar los trabajos (jobs) de su elecci\u00f3n a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2012-3491",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-09-28T17:55:01.240",
"references": [
{
"source": "secalert@redhat.com",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
},
{
"source": "secalert@redhat.com",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "secalert@redhat.com",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"source": "secalert@redhat.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50666"
},
{
"source": "secalert@redhat.com",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"source": "secalert@redhat.com",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/50666"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2012-5390 (GCVE-0-2012-5390)
Vulnerability from cvelistv5 – Published: 2014-06-06 14:00 – Updated: 2024-08-06 21:05
VLAI?
Summary
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"name": "57328",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57328"
},
{
"name": "51862",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-06T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"name": "57328",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57328"
},
{
"name": "51862",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"name": "57328",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57328"
},
{
"name": "51862",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5390",
"datePublished": "2014-06-06T14:00:00",
"dateReserved": "2012-10-17T00:00:00",
"dateUpdated": "2024-08-06T21:05:47.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4930 (GCVE-0-2011-4930)
Vulnerability from cvelistv5 – Published: 2014-02-10 17:00 – Updated: 2024-08-07 00:23
VLAI?
Summary
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:38.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
},
{
"name": "RHSA-2012:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
},
{
"name": "RHSA-2012:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
},
{
"name": "RHSA-2012:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
},
{
"name": "RHSA-2012:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4930",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2011-12-23T00:00:00",
"dateUpdated": "2024-08-07T00:23:38.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4255 (GCVE-0-2013-4255)
Vulnerability from cvelistv5 – Published: 2013-10-11 22:00 – Updated: 2024-08-06 16:38
VLAI?
Summary
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"name": "RHSA-2013:1171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T22:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"name": "RHSA-2013:1171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4255",
"datePublished": "2013-10-11T22:00:00Z",
"dateReserved": "2013-06-12T00:00:00Z",
"dateUpdated": "2024-08-06T16:38:01.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5136 (GCVE-0-2009-5136)
Vulnerability from cvelistv5 – Published: 2013-10-11 22:00 – Updated: 2024-09-17 03:23
VLAI?
Summary
The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"name": "RHSA-2010:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"name": "RHSA-2010:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001",
"refsource": "CONFIRM",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=540545",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"name": "RHSA-2010:0773",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"name": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5136",
"datePublished": "2013-10-11T22:00:00Z",
"dateReserved": "2013-10-11T00:00:00Z",
"dateUpdated": "2024-09-17T03:23:50.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4462 (GCVE-0-2012-4462)
Vulnerability from cvelistv5 – Published: 2013-03-12 15:00 – Updated: 2024-08-06 20:35
VLAI?
Summary
aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
},
{
"name": "RHSA-2013:0564",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
},
{
"name": "RHSA-2013:0565",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-12T15:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
},
{
"name": "RHSA-2013:0564",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
},
{
"name": "RHSA-2013:0565",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4462",
"datePublished": "2013-03-12T15:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-08-06T20:35:09.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5197 (GCVE-0-2012-5197)
Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
VLAI?
Summary
Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:03.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "condor-multiple-unspecified(78974)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "condor-multiple-unspecified(78974)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "condor-multiple-unspecified(78974)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5197",
"datePublished": "2012-09-28T17:00:00",
"dateReserved": "2012-09-28T00:00:00",
"dateUpdated": "2024-08-06T20:58:03.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5196 (GCVE-0-2012-5196)
Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
VLAI?
Summary
Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:03.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "condor-multiple-bo(78975)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "condor-multiple-bo(78975)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "condor-multiple-bo(78975)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5196",
"datePublished": "2012-09-28T17:00:00",
"dateReserved": "2012-09-28T00:00:00",
"dateUpdated": "2024-08-06T20:58:03.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3493 (GCVE-0-2012-3493)
Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:51
VLAI?
Summary
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50666"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50666"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972",
"refsource": "CONFIRM",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972"
},
{
"name": "50666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50666"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=848222",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3493",
"datePublished": "2012-09-28T17:00:00Z",
"dateReserved": "2012-06-14T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:51.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3491 (GCVE-0-2012-3491)
Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-09-16 23:55
VLAI?
Summary
src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=848214",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"name": "55632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40",
"refsource": "CONFIRM",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40"
},
{
"name": "50666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3491",
"datePublished": "2012-09-28T17:00:00Z",
"dateReserved": "2012-06-14T00:00:00Z",
"dateUpdated": "2024-09-16T23:55:46.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3492 (GCVE-0-2012-3492)
Vulnerability from cvelistv5 – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:24
VLAI?
Summary
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805",
"refsource": "CONFIRM",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "50666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3492",
"datePublished": "2012-09-28T17:00:00Z",
"dateReserved": "2012-06-14T00:00:00Z",
"dateUpdated": "2024-09-16T22:24:48.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5390 (GCVE-0-2012-5390)
Vulnerability from nvd – Published: 2014-06-06 14:00 – Updated: 2024-08-06 21:05
VLAI?
Summary
The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:05:47.238Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"name": "57328",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/57328"
},
{
"name": "51862",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/51862"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-01-15T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-06T13:57:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"name": "57328",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/57328"
},
{
"name": "51862",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/51862"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5390",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The standard universe shadow (condor_shadow.std) component in Condor 7.7.3 through 7.7.6, 7.8.0 before 7.8.5, and 7.9.0 does no properly check privileges, which allows remote attackers to gain privileges via a crafted standard universe job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0003.html"
},
{
"name": "57328",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/57328"
},
{
"name": "51862",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/51862"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5390",
"datePublished": "2014-06-06T14:00:00",
"dateReserved": "2012-10-17T00:00:00",
"dateUpdated": "2024-08-06T21:05:47.238Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-4930 (GCVE-0-2011-4930)
Vulnerability from nvd – Published: 2014-02-10 17:00 – Updated: 2024-08-07 00:23
VLAI?
Summary
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:23:38.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
},
{
"name": "RHSA-2012:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
},
{
"name": "RHSA-2012:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-02-10T16:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=759548"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429"
},
{
"name": "RHSA-2012:0099",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0099.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264"
},
{
"name": "RHSA-2012:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-0100.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2011-4930",
"datePublished": "2014-02-10T17:00:00",
"dateReserved": "2011-12-23T00:00:00",
"dateUpdated": "2024-08-07T00:23:38.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-4255 (GCVE-0-2013-4255)
Vulnerability from nvd – Published: 2013-10-11 22:00 – Updated: 2024-08-06 16:38
VLAI?
Summary
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:38:01.601Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2013:1172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"name": "RHSA-2013:1171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T22:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2013:1172",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1172.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786"
},
{
"name": "RHSA-2013:1171",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-1171.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=919401"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-4255",
"datePublished": "2013-10-11T22:00:00Z",
"dateReserved": "2013-06-12T00:00:00Z",
"dateUpdated": "2024-08-06T16:38:01.601Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2009-5136 (GCVE-0-2009-5136)
Vulnerability from nvd – Published: 2013-10-11 22:00 – Updated: 2024-09-17 03:23
VLAI?
Summary
The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.810Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"name": "RHSA-2010:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-10-11T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"name": "RHSA-2010:0773",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-5136",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001",
"refsource": "CONFIRM",
"url": "https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=540545",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=540545"
},
{
"name": "RHSA-2010:0773",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2010-0773.html"
},
{
"name": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-5136",
"datePublished": "2013-10-11T22:00:00Z",
"dateReserved": "2013-10-11T00:00:00Z",
"dateUpdated": "2024-09-17T03:23:50.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-4462 (GCVE-0-2012-4462)
Vulnerability from nvd – Published: 2013-03-12 15:00 – Updated: 2024-08-06 20:35
VLAI?
Summary
aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:35:09.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
},
{
"name": "RHSA-2013:0564",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
},
{
"name": "RHSA-2013:0565",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "aviary/jobcontrol.py in Condor, as used in Red Hat Enterprise MRG 2.3, when removing a job, allows remote attackers to cause a denial of service (condor_schedd restart) via square brackets in the cproc option."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2013-03-12T15:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=8f9b304c4f6c0a98dafa61b2c0e4beb3b70e4c84"
},
{
"name": "RHSA-2013:0564",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0564.html"
},
{
"name": "RHSA-2013:0565",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2013-0565.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=860850"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-4462",
"datePublished": "2013-03-12T15:00:00Z",
"dateReserved": "2012-08-21T00:00:00Z",
"dateUpdated": "2024-08-06T20:35:09.645Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5197 (GCVE-0-2012-5197)
Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
VLAI?
Summary
Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:03.181Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "condor-multiple-unspecified(78974)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "condor-multiple-unspecified(78974)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to \"error checking of system calls.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "condor-multiple-unspecified(78974)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78974"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5197",
"datePublished": "2012-09-28T17:00:00",
"dateReserved": "2012-09-28T00:00:00",
"dateUpdated": "2024-08-06T20:58:03.181Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-5196 (GCVE-0-2012-5196)
Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-08-06 20:58
VLAI?
Summary
Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:58:03.213Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "condor-multiple-bo(78975)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-09-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "condor-multiple-bo(78975)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5196",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "condor-multiple-bo(78975)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/78975"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5196",
"datePublished": "2012-09-28T17:00:00",
"dateReserved": "2012-09-28T00:00:00",
"dateUpdated": "2024-08-06T20:58:03.213Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3493 (GCVE-0-2012-3493)
Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:51
VLAI?
Summary
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.645Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50666"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50666"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3493",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972",
"refsource": "CONFIRM",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=d2f33972"
},
{
"name": "50666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50666"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=848222",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848222"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3493",
"datePublished": "2012-09-28T17:00:00Z",
"dateReserved": "2012-06-14T00:00:00Z",
"dateUpdated": "2024-09-16T22:51:51.036Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3491 (GCVE-0-2012-3491)
Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-09-16 23:55
VLAI?
Summary
src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.665Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3491",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=848214",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=848214"
},
{
"name": "55632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40",
"refsource": "CONFIRM",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1fff5d40"
},
{
"name": "50666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3491",
"datePublished": "2012-09-28T17:00:00Z",
"dateReserved": "2012-06-14T00:00:00Z",
"dateUpdated": "2024-09-16T23:55:46.109Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2012-3492 (GCVE-0-2012-3492)
Vulnerability from nvd – Published: 2012-09-28 17:00 – Updated: 2024-09-16 22:24
VLAI?
Summary
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T20:05:12.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-09-28T17:00:00Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "55632",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805"
},
{
"name": "RHSA-2012:1281",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "50666",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2012-3492",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user\u0027s authentication directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55632",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/55632"
},
{
"name": "RHSA-2012:1278",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1278.html"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"
},
{
"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805",
"refsource": "CONFIRM",
"url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805"
},
{
"name": "RHSA-2012:1281",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2012-1281.html"
},
{
"name": "50666",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/50666"
},
{
"name": "[oss-security] 20120920 Notification of upstream Condor security fixes",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"
},
{
"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html",
"refsource": "CONFIRM",
"url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3492"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2012-3492",
"datePublished": "2012-09-28T17:00:00Z",
"dateReserved": "2012-06-14T00:00:00Z",
"dateUpdated": "2024-09-16T22:24:48.721Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}