CVE-2008-3830

{"id": "CVE-2008-3830", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2008-10-08T22:00:01.950", "references": [{"url": "http://secunia.com/advisories/32189", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32193", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32232", "source": "secalert@redhat.com"}, {"url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000", "tags": ["Vendor Advisory"], "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html", "source": "secalert@redhat.com"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html", "source": "secalert@redhat.com"}, {"url": "http://www.securityfocus.com/bid/31621", "source": "secalert@redhat.com"}, {"url": "http://www.securitytracker.com/id?1021002", "source": "secalert@redhat.com"}, {"url": "http://www.vupen.com/english/advisories/2008/2760", "source": "secalert@redhat.com"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html", "source": "secalert@redhat.com"}, {"url": "http://secunia.com/advisories/32189", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/32193", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://secunia.com/advisories/32232", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/31621", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securitytracker.com/id?1021002", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.vupen.com/english/advisories/2008/2760", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions."}, {"lang": "es", "value": "Condor anterior a v7.0.5 no maneja adecuadamente cuando la configuraci\u00f3n especifica un solapamiento de m\u00e1scaras de red en las reglas de \"alow\" (permitir) o \"deny\" (denegar); esto provoca que se ignore la regla y permite a los atacantes evitar las restricciones de acceso pretendidas."}], "lastModified": "2024-11-21T00:50:13.273", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:condor_project:condor:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BC1ED29E-B24F-4233-A506-38C078DA3A0C", "versionEndIncluding": "7.0.4"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8E5E567-70BE-4C89-85BD-75BCA71D8DBC"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C82D2C15-DFD1-40E0-86FC-F48263416AA3"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B0C8D4B5-3A8A-42BA-8C9A-98989FA23A65"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA32C2CA-B61F-449B-B90A-054AF177C296"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "03F817A5-9926-4AB5-8D25-8B68DC905B05"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52BDAA46-4598-4DC2-8B1B-D85CBF649133"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "524D6F4F-4715-4F68-A069-87CDEF8BB5DA"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3219F472-97A7-4A8E-A45C-DBFB3E25AA17"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.8:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB2B77EF-FEC9-4433-8A15-5DF7F51B056D"}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6B67DCD1-6A39-4E77-AE65-9FADD3A267FE"}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "324BAB04-B03E-499C-B58D-320D14740606"}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16892FC7-5870-45A8-ABFE-D8EE5A565FF5"}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.2:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C5E7E0F2-825E-4D21-A250-BEECBDDE3C6A"}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.3:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8E6BB9D8-6394-4317-90DF-475DE0FF0567"}], "operator": "OR"}]}], "sourceIdentifier": "secalert@redhat.com"}