// For flags

CVE-2006-4232

 

Severity Score

1.2
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.

Condición de carrera en la herramienta grid-proxy-init en Globus Toolkit 3.2.x, 4.0.2, y 4.1.0 anterior al 15/08/2006 permite a usuarios locales robar información de credenciales reemplazando el archivo de credenciales del proxy entre la creación del archivo y la comprobación de acceso exclusivo al archivo.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-08-18 CVE Reserved
  • 2006-08-18 CVE Published
  • 2023-03-08 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Globus
Search vendor "Globus"
Globus Toolkit
Search vendor "Globus" for product "Globus Toolkit"
3.2.0
Search vendor "Globus" for product "Globus Toolkit" and version "3.2.0"
-
Affected
Globus
Search vendor "Globus"
Globus Toolkit
Search vendor "Globus" for product "Globus Toolkit"
4.0.0
Search vendor "Globus" for product "Globus Toolkit" and version "4.0.0"
-
Affected
Globus
Search vendor "Globus"
Globus Toolkit
Search vendor "Globus" for product "Globus Toolkit"
4.1.0
Search vendor "Globus" for product "Globus Toolkit" and version "4.1.0"
-
Affected