Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions.
References
Link | Resource |
---|---|
http://secunia.com/advisories/31284 | Broken Link Vendor Advisory |
http://secunia.com/advisories/31423 | Broken Link |
http://secunia.com/advisories/31459 | Broken Link |
http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#sec:New-7-0-4 | Broken Link |
http://www.redhat.com/support/errata/RHSA-2008-0814.html | Broken Link |
http://www.redhat.com/support/errata/RHSA-2008-0816.html | Broken Link |
http://www.securityfocus.com/bid/30440 | Broken Link Third Party Advisory VDB Entry |
http://www.securitytracker.com/id?1020646 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/44063 | Third Party Advisory VDB Entry |
https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00252.html | Mailing List |
Configurations
History
12 Jan 2024, 20:45
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-863 | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2008-August/msg00252.html - Mailing List | |
References | (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/44063 - Third Party Advisory, VDB Entry | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0816.html - Broken Link | |
References | (BID) http://www.securityfocus.com/bid/30440 - Broken Link, Third Party Advisory, VDB Entry | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2008-0814.html - Broken Link | |
References | (CONFIRM) http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#sec:New-7-0-4 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/31423 - Broken Link | |
References | (SECTRACK) http://www.securitytracker.com/id?1020646 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/31459 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/31284 - Broken Link, Vendor Advisory | |
CPE | cpe:2.3:a:condor_project:condor:7.0.3:*:*:*:*:*:*:* cpe:2.3:a:condor_project:condor:7.0.2:*:*:*:*:*:*:* cpe:2.3:a:condor_project:condor:7.0.0:*:*:*:*:*:*:* |
cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:* |
First Time |
Fedoraproject fedora
Fedoraproject |
Information
Published : 2008-07-31 22:41
Updated : 2024-02-28 11:21
NVD link : CVE-2008-3424
Mitre link : CVE-2008-3424
CVE.ORG link : CVE-2008-3424
JSON object : View
Products Affected
fedoraproject
- fedora
condor_project
- condor
CWE
CWE-863
Incorrect Authorization