Lucene search
RootSSV:15139HistoryDec 24, 2009 - 12:00 a.m.
Condor任务提交绕过安全限制漏洞
2009-12-2400:00:00
Root
www.seebug.org
10
0.005 Low
EPSS
Percentile
75.9%
BUGTRAQ ID: 37443
CVE ID: CVE-2009-4133
Condor是为计算密集任务所设计的专用负载管理系统,提供任务队列机制、调度策略、优先级规划和资源监控及管理。
Condor管理任务的方式存在漏洞,可能允许授权向Condor提交任务的用户以不同本地用户的身份排列任务,这可能导致非授权访问该用户的账号。Condor不会以root用户权限运行任务,因此这个漏洞不会导致入侵root用户账号。
Condor Project Condor 7.4
厂商补丁:
RedHat
RedHat已经为此发布了一个安全公告(RHSA-2009:1688-01)以及相应补丁:
RHSA-2009:1688-01:Moderate: condor security update
链接:https://www.redhat.com/support/errata/RHSA-2009-1688.html
Condor Project
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000
Related
cve
cve
CVE-2009-4133
2009-12-23 18:30:00
openvas
openvas
Fedora Update for condor FEDORA-2010-0213
2010-01-15 00:00:00
RedHat Security Advisory RHSA-2009:1689
2009-12-30 00:00:00
Fedora Update for condor FEDORA-2010-0227
2010-01-15 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: condor-7.4.1-1.fc11
2010-01-07 00:57:34
[SECURITY] Fedora 12 Update: condor-7.4.1-1.fc12
2010-01-07 00:56:12
nessus
nessus
Fedora 11 : condor-7.4.1-1.fc11 (2010-0227)
2010-02-25 00:00:00
Fedora 12 : condor-7.4.1-1.fc12 (2010-0213)
2010-02-25 00:00:00
debiancve
debiancve
CVE-2009-4133
2009-12-23 18:30:00
prion
prion
Design/Logic Flaw
2009-12-23 18:30:00
cvelist
cvelist
CVE-2009-4133
2009-12-23 18:00:00
redhat
redhat
(RHSA-2009:1689) Moderate: condor security update
2009-12-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-4133
2009-12-23 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:38:30
nvd
nvd
CVE-2009-4133
2009-12-23 18:30:00