CVSS: 9.8EPSS: 2%CPEs: 24EXPL: 0CVE-2012-3292
https://notcve.org/view.php?id=CVE-2012-3292
07 Jun 2012 — The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnam_r function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the last user in the password file. GridFTP en Globus Toolkit (GT) antes de v5.2.2, cuando ciertas macros de autoconf se definen, no comprueba correctamente el valor devuelto por la función getpwnam_r, lo que podría pe... • http://jira.globus.org/browse/GT-195 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2007-2784
https://notcve.org/view.php?id=CVE-2007-2784
21 May 2007 — Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications. Vulnerabilidad no especificada en globus-job-manager en Globus Toolkit 4.1.1 y anteriores (globus_nexus-6.6 y anteriores) permite a atacantes remotos provocar denegación de servicio (consumo de recursos y caida de s... • http://bugzilla.globus.org/globus/show_bug.cgi?id=5297 •