Lucene search
HistoryAug 18, 2006 - 8:04 p.m.
CVE-2006-4232
cve-2006-4232
globus toolkit
race condition
credential data theft
file access
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.
Affected configurations
Node
globusglobus_toolkitMatch3.2.0
ORglobusglobus_toolkitMatch4.0.0
ORglobusglobus_toolkitMatch4.1.0
Related
nvd
nvd
CVE-2006-4232
2006-08-18 20:04:00
cvelist
cvelist
CVE-2006-4232
2006-08-18 19:55:00
freebsd
freebsd
globus -- Multiple tmpfile races
2006-08-08 00:00:00
openvas
openvas
FreeBSD Ports: globus
2008-09-04 00:00:00
FreeBSD Ports: globus
2008-09-04 00:00:00
nessus
nessus
1.2 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2006-4232