RHSA-2013:1295
Vulnerability from csaf_redhat
Published
2013-10-01 16:35
Modified
2024-12-01 11:56
Summary
Red Hat Security Advisory: Red Hat Enterprise MRG Grid 2.4 security update
Notes
Topic
Updated Grid component packages that fix one security issue, multiple bugs,
and add various enhancements are now available for Red Hat Enterprise MRG
2.4 for Red Hat Enterprise Linux 5.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
Details
Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation
IT infrastructure for enterprise computing. MRG offers increased
performance, reliability, interoperability, and faster computing for
enterprise customers.
MRG Grid provides high-throughput computing and enables enterprises to
achieve higher peak computing capacity as well as improved infrastructure
utilization by leveraging their existing technology to build high
performance grids. MRG Grid provides a job-queueing mechanism, scheduling
policy, and a priority scheme, as well as resource monitoring and resource
management. Users submit their jobs to MRG Grid, where they are placed into
a queue. MRG Grid then chooses when and where to run the jobs based upon a
policy, carefully monitors their progress, and ultimately informs the user
upon completion.
A denial of service flaw was found in the way cumin, a web management
console for MRG, processed certain Ajax update queries. A remote attacker
could use this flaw to issue a specially crafted HTTP request, causing
excessive use of CPU time and memory on the system. (CVE-2013-4284)
The CVE-2013-4284 issue was discovered by Tomas Novacik of Red Hat.
These updated packages for Red Hat Enterprise Linux 5 provide numerous
enhancements and bug fixes for the Grid component of MRG. Some of the most
important enhancements include:
* Improved resource utilization with scheduler driven slot partitioning
* Enhanced integration with existing user & group management
technology, specifically allowing group and netgroup specifications in
HTCondor security policies
* Addition of global job priorities, allowing for priority to span
scaled-out queues
* Reduced memory utilization per running job
Space precludes documenting all of these changes in this advisory. Refer to
the Red Hat Enterprise MRG 2 Technical Notes document, available shortly
from the link in the References section, for information on these changes.
All users of the Grid capabilities of Red Hat Enterprise MRG are advised to
upgrade to these updated packages, which correct this issue, and fix the
bugs and add the enhancements noted in the Red Hat Enterprise MRG 2
Technical Notes.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated Grid component packages that fix one security issue, multiple bugs,\nand add various enhancements are now available for Red Hat Enterprise MRG\n2.4 for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Enterprise MRG (Messaging, Realtime, and Grid) is a next-generation\nIT infrastructure for enterprise computing. MRG offers increased\nperformance, reliability, interoperability, and faster computing for\nenterprise customers.\n\nMRG Grid provides high-throughput computing and enables enterprises to\nachieve higher peak computing capacity as well as improved infrastructure\nutilization by leveraging their existing technology to build high\nperformance grids. MRG Grid provides a job-queueing mechanism, scheduling\npolicy, and a priority scheme, as well as resource monitoring and resource\nmanagement. Users submit their jobs to MRG Grid, where they are placed into\na queue. MRG Grid then chooses when and where to run the jobs based upon a\npolicy, carefully monitors their progress, and ultimately informs the user\nupon completion.\n\nA denial of service flaw was found in the way cumin, a web management\nconsole for MRG, processed certain Ajax update queries. A remote attacker\ncould use this flaw to issue a specially crafted HTTP request, causing\nexcessive use of CPU time and memory on the system. (CVE-2013-4284)\n\nThe CVE-2013-4284 issue was discovered by Tomas Novacik of Red Hat.\n\nThese updated packages for Red Hat Enterprise Linux 5 provide numerous\nenhancements and bug fixes for the Grid component of MRG. Some of the most\nimportant enhancements include:\n\n* Improved resource utilization with scheduler driven slot partitioning\n* Enhanced integration with existing user \u0026 group management \ntechnology, specifically allowing group and netgroup specifications in \nHTCondor security policies\n* Addition of global job priorities, allowing for priority to span \nscaled-out queues\n* Reduced memory utilization per running job\n\nSpace precludes documenting all of these changes in this advisory. Refer to\nthe Red Hat Enterprise MRG 2 Technical Notes document, available shortly\nfrom the link in the References section, for information on these changes.\n\nAll users of the Grid capabilities of Red Hat Enterprise MRG are advised to\nupgrade to these updated packages, which correct this issue, and fix the\nbugs and add the enhancements noted in the Red Hat Enterprise MRG 2\nTechnical Notes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2013:1295",
"url": "https://access.redhat.com/errata/RHSA-2013:1295"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-1295.html",
"url": "https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_MRG/2/html/Technical_Notes/RHSA-2013-1295.html"
},
{
"category": "external",
"summary": "986214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=986214"
},
{
"category": "external",
"summary": "990231",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=990231"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2013/rhsa-2013_1295.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Enterprise MRG Grid 2.4 security update",
"tracking": {
"current_release_date": "2024-12-01T11:56:40+00:00",
"generator": {
"date": "2024-12-01T11:56:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2013:1295",
"initial_release_date": "2013-10-01T16:35:00+00:00",
"revision_history": [
{
"date": "2013-10-01T16:35:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2013-10-01T16:35:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-01T11:56:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "MRG Grid for RHEL 5 Server v.2",
"product": {
"name": "MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2::el5"
}
}
},
{
"category": "product_name",
"name": "MRG Management for RHEL 5 Server v.2",
"product": {
"name": "MRG Management for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Management-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2::el5"
}
}
},
{
"category": "product_name",
"name": "MRG Grid Execute Node for RHEL 5 Server v.2",
"product": {
"name": "MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2::el5"
}
}
},
{
"category": "product_name",
"name": "Red Hat MRG Messaging for RHEL 5 Server v.2",
"product": {
"name": "Red Hat MRG Messaging for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Messaging-2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_mrg:2::el5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise MRG for RHEL-5"
},
{
"branches": [
{
"category": "product_version",
"name": "cumin-0:0.1.5786-2.el5_9.src",
"product": {
"name": "cumin-0:0.1.5786-2.el5_9.src",
"product_id": "cumin-0:0.1.5786-2.el5_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cumin@0.1.5786-2.el5_9?arch=src"
}
}
},
{
"category": "product_version",
"name": "mrg-release-0:2.4.0-1.el5_9.src",
"product": {
"name": "mrg-release-0:2.4.0-1.el5_9.src",
"product_id": "mrg-release-0:2.4.0-1.el5_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mrg-release@2.4.0-1.el5_9?arch=src"
}
}
},
{
"category": "product_version",
"name": "condor-0:7.8.9-0.5.el5_9.src",
"product": {
"name": "condor-0:7.8.9-0.5.el5_9.src",
"product_id": "condor-0:7.8.9-0.5.el5_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor@7.8.9-0.5.el5_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cumin-0:0.1.5786-2.el5_9.noarch",
"product": {
"name": "cumin-0:0.1.5786-2.el5_9.noarch",
"product_id": "cumin-0:0.1.5786-2.el5_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cumin@0.1.5786-2.el5_9?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "mrg-release-0:2.4.0-1.el5_9.noarch",
"product": {
"name": "mrg-release-0:2.4.0-1.el5_9.noarch",
"product_id": "mrg-release-0:2.4.0-1.el5_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mrg-release@2.4.0-1.el5_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-debuginfo@7.8.9-0.5.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "condor-qmf-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-qmf-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-qmf-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-qmf@7.8.9-0.5.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "condor-classads-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-classads-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-classads-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-classads@7.8.9-0.5.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "condor-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor@7.8.9-0.5.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "condor-aviary-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-aviary-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-aviary-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-aviary@7.8.9-0.5.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-vm-gahp@7.8.9-0.5.el5_9?arch=i386"
}
}
},
{
"category": "product_version",
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"product": {
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"product_id": "condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-kbdd@7.8.9-0.5.el5_9?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-debuginfo@7.8.9-0.5.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-qmf@7.8.9-0.5.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-classads@7.8.9-0.5.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "condor-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor@7.8.9-0.5.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-aviary@7.8.9-0.5.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-vm-gahp@7.8.9-0.5.el5_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"product": {
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"product_id": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/condor-kbdd@7.8.9-0.5.el5_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-0:7.8.9-0.5.el5_9.src as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.src"
},
"product_reference": "condor-0:7.8.9-0.5.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-aviary-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-aviary-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-classads-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-classads-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-classads-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-qmf-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-qmf-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cumin-0:0.1.5786-2.el5_9.noarch as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.noarch"
},
"product_reference": "cumin-0:0.1.5786-2.el5_9.noarch",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cumin-0:0.1.5786-2.el5_9.src as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.src"
},
"product_reference": "cumin-0:0.1.5786-2.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.noarch as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.noarch"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.noarch",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.src as a component of MRG Grid for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.src"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Grid-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-0:7.8.9-0.5.el5_9.src as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.src"
},
"product_reference": "condor-0:7.8.9-0.5.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-aviary-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-aviary-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-classads-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-classads-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-classads-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-qmf-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-qmf-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386"
},
"product_reference": "condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64 as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64"
},
"product_reference": "condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.noarch as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.noarch"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.noarch",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.src as a component of MRG Grid Execute Node for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.src"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Grid-Execute-Node-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cumin-0:0.1.5786-2.el5_9.noarch as a component of MRG Management for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.noarch"
},
"product_reference": "cumin-0:0.1.5786-2.el5_9.noarch",
"relates_to_product_reference": "5Server-MRG-Management-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cumin-0:0.1.5786-2.el5_9.src as a component of MRG Management for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.src"
},
"product_reference": "cumin-0:0.1.5786-2.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Management-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.noarch as a component of MRG Management for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.noarch"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.noarch",
"relates_to_product_reference": "5Server-MRG-Management-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.src as a component of MRG Management for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.src"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Management-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.noarch as a component of Red Hat MRG Messaging for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.noarch"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.noarch",
"relates_to_product_reference": "5Server-MRG-Messaging-2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mrg-release-0:2.4.0-1.el5_9.src as a component of Red Hat MRG Messaging for RHEL 5 Server v.2",
"product_id": "5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.src"
},
"product_reference": "mrg-release-0:2.4.0-1.el5_9.src",
"relates_to_product_reference": "5Server-MRG-Messaging-2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-4284",
"discovery_date": "2013-07-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "986214"
}
],
"notes": [
{
"category": "description",
"text": "Cumin, as used in Red Hat Enterprise MRG 2.4, allows remote attackers to cause a denial of service (CPU and memory consumption) via a crafted Ajax update request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cumin: Denial of service due to improper handling of certain Ajax requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.src",
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.noarch",
"5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.src",
"5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.src",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.noarch",
"5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.src",
"5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2013-4284"
},
{
"category": "external",
"summary": "RHBZ#986214",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=986214"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2013-4284",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-4284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2013-4284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4284"
}
],
"release_date": "2013-10-01T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2013-10-01T16:35:00+00:00",
"details": "Before applying this update, make sure all previously-released errata\nrelevant to your system have been applied.\n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258",
"product_ids": [
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.src",
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.noarch",
"5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.src",
"5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.src",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.noarch",
"5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.src",
"5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2013:1295"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.src",
"5Server-MRG-Grid-2:condor-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.noarch",
"5Server-MRG-Grid-2:cumin-0:0.1.5786-2.el5_9.src",
"5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Grid-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.src",
"5Server-MRG-Grid-Execute-Node-2:condor-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-aviary-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-classads-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-debuginfo-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-kbdd-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-qmf-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.i386",
"5Server-MRG-Grid-Execute-Node-2:condor-vm-gahp-0:7.8.9-0.5.el5_9.x86_64",
"5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Grid-Execute-Node-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.noarch",
"5Server-MRG-Management-2:cumin-0:0.1.5786-2.el5_9.src",
"5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Management-2:mrg-release-0:2.4.0-1.el5_9.src",
"5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.noarch",
"5Server-MRG-Messaging-2:mrg-release-0:2.4.0-1.el5_9.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cumin: Denial of service due to improper handling of certain Ajax requests"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.