CVE-2006-4232
Severity Score
1.2
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.
Condición de carrera en la herramienta grid-proxy-init en Globus Toolkit 3.2.x, 4.0.2, y 4.1.0 anterior al 15/08/2006 permite a usuarios locales robar información de credenciales reemplazando el archivo de credenciales del proxy entre la creación del archivo y la comprobación de acceso exclusivo al archivo.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2006-08-18 CVE Reserved
- 2006-08-18 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/3290 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28408 | Vdb Entry |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/21516 | 2017-07-20 | |
| http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html | 2017-07-20 | |
| http://www.securityfocus.com/bid/19549 | 2017-07-20 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Globus Search vendor "Globus" | Globus Toolkit Search vendor "Globus" for product "Globus Toolkit" | 3.2.0 Search vendor "Globus" for product "Globus Toolkit" and version "3.2.0" | - |
Affected
| ||||||
| Globus Search vendor "Globus" | Globus Toolkit Search vendor "Globus" for product "Globus Toolkit" | 4.0.0 Search vendor "Globus" for product "Globus Toolkit" and version "4.0.0" | - |
Affected
| ||||||
| Globus Search vendor "Globus" | Globus Toolkit Search vendor "Globus" for product "Globus Toolkit" | 4.1.0 Search vendor "Globus" for product "Globus Toolkit" and version "4.1.0" | - |
Affected
| ||||||