CVE-2012-3491 – condor: local users can abort any idle jobs
https://notcve.org/view.php?id=CVE-2012-3491
src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
• http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40
• http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html
• http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html
• http://rhn.redhat.com/errata/RHSA-2012-1278.html
• http://rhn.redhat.com/errata/RHSA-2012-1281.html
• http://secunia.com/advisories/50666
• http://www.openwall.com/lists/oss-security/2012/09/20/9
• http://www.securityfocus.com/bid/55632
• https://bugzilla.r
• CWE-264: Permissions, Privileges, and Access Controls
CVE-2012-3492 – condor: lock directories created mode 0777 allow for FS-based authentication challenge bypass
https://notcve.org/view.php?id=CVE-2012-3492
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
• http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1db67805
• http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html
• http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html
• http://rhn.redhat.com/errata/RHSA-2012-1278.html
• http://rhn.redhat.com/errata/RHSA-2012-1281.html
• http://secunia.com/advisories/50666
• http://www.openwall.com/lists/oss-security/2012/09/20/9
• http://www.securityfocus.com/bid/55632
• https://bugzilla.r
• CWE-287: Improper Authentication
CVE-2012-3493 – condor: GIVE_REQUEST_AD leaks privileged ClaimId information
https://notcve.org/view.php?id=CVE-2012-3493
The command_give_request_ad function in condor_startd.V6/command.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
• http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=d2f33972
• http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html
• http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html
• http://rhn.redhat.com/errata/RHSA-2012-1278.html
• http://rhn.redhat.com/errata/RHSA-2012-1281.html
• http://secunia.com/advisories/50666
• http://www.openwall.com/lists/oss-security/2012/09/20/9
• http://www.securityfocus.com/bid/55632
• https://bugzilla.r
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2012-3416 – condor: host based authentication does not implement forward-confirmed reverse dns
https://notcve.org/view.php?id=CVE-2012-3416
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
• http://osvdb.org/84766
• http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html
• http://rhn.redhat.com/errata/RHSA-2012-1168.html
• http://rhn.redhat.com/errata/RHSA-2012-1169.html
• http://secunia.com/advisories/50246
• http://secunia.com/advisories/50294
• http://www.securityfocus.com/bid/55032
• http://www.securitytracker.com/id?1027395
• https://exchange.xforce.ibmcloud.com/vulnerabilities/77748
• https://access.redhat.com/security/cve/CVE-2012-3416
• https://b
• CWE-284: Improper Access Control
• CWE-287: Improper Authentication