Veracode Vulnerability DatabaseVERACODE:23418Arbitrary Code Execution
0.001 Low
EPSS
Percentile
41.3%
condor is vulnerable to arbitrary code execution. A stack based buffer overflow flaw was found in Condor’s condor_schedd daemon. A user who had permissions to submit a job could do so in a manner that could cause condor_schedd to crash or, potentially, execute arbitrary code with the permissions of condor_schedd.
| CPE | Name | Operator | Version |
|---|---|---|---|
| condor | eq | 7.0.4__4.el5 | |
| condor | eq | 7.0.4__4.el4 | |
| condor | eq | 7.0.4__4.el5 | |
| condor | eq | 7.0.4__4.el4 |
References
cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html
secunia.com/advisories/32189
secunia.com/advisories/32193
secunia.com/advisories/32232
www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2008-0911.html
www.redhat.com/support/errata/RHSA-2008-0924.html
www.securityfocus.com/bid/31621
www.securitytracker.com/id?1021002
www.vupen.com/english/advisories/2008/2760
access.redhat.com/errata/RHSA-2008:0911
www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html
Related
