Search Results (Refine Search)
- Keyword (text search): cpe:2.3:a:condor_project:condor:7.2.5:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2011-4930 |
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors. Published: February 10, 2014; 1:15:09 PM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.4 MEDIUM |
CVE-2013-4255 |
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. Published: October 11, 2013; 6:55:39 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 3.5 LOW |
CVE-2009-5136 |
The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job. Published: October 11, 2013; 6:55:35 PM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.0 MEDIUM |
CVE-2012-3416 |
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname. Published: August 25, 2012; 6:29:50 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |