CVE-2009-5136

Severity Score

4.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.

La política de definición evaluadora en Condor anterior a la versión 7.4.2 no maneja adecuadamente atributos en una política WANT_SUSPEND que da como resultado un estado UNDEFINIED, lo que permite a usuarios remotos autenticados provocar una denegación de servicio (condor_startd exit) a través de un trabajo manipulado.

*Credits: N/A

CVSS Scores

NISTv2 4.0

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2013-10-11 CVE Reserved
2013-10-11 CVE Published
2024-09-17 CVE Updated
2024-09-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-20: Improper Input Validation

CAPEC

References (4)

URL	Tag	Source
http://research.cs.wisc.edu/htcondor/manual/v7.6/8_5Stable_Release.html	X_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=540545	X_refsource_confirm
https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1001	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
http://rhn.redhat.com/errata/RHSA-2010-0773.html	2021-07-15

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Condor Project Search vendor "Condor Project"		Condor Search vendor "Condor Project" for product "Condor"				<= 7.4.1 Search vendor "Condor Project" for product "Condor" and version " <= 7.4.1"		-		Affected
Condor Project Search vendor "Condor Project"		Condor Search vendor "Condor Project" for product "Condor"				7.4.0 Search vendor "Condor Project" for product "Condor" and version "7.4.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.0 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.0"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.0.1 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.0.1"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.0.2 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.0.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.0.3 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.0.3"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.1.1 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.1.1"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.1.2 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.1.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.2 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.2"		-		Affected
Redhat Search vendor "Redhat"		Enterprise Mrg Search vendor "Redhat" for product "Enterprise Mrg"				1.2.2 Search vendor "Redhat" for product "Enterprise Mrg" and version "1.2.2"		-		Affected