condor is vulnerable to privilege escalation. A flaw was found in the way Condor processed user submitted jobs. It was possible for a user to submit a job in a way that could cause that job to run as a different user with access to the pool.
CPE | Name | Operator | Version |
---|---|---|---|
condor | eq | 7.0.4__4.el5 | |
condor | eq | 7.0.4__4.el4 | |
condor | eq | 7.0.4__4.el5 | |
condor | eq | 7.0.4__4.el4 |
cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html
secunia.com/advisories/32189
secunia.com/advisories/32193
secunia.com/advisories/32232
www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2008-0911.html
www.redhat.com/support/errata/RHSA-2008-0924.html
www.securityfocus.com/bid/31621
www.securitytracker.com/id?1021002
www.vupen.com/english/advisories/2008/2760
access.redhat.com/errata/RHSA-2008:0911
www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html