Vulnerability Details CVE-2006-4232
Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.8%
CVSS Severity
CVSS v2 Score 1.2
References
- http://secunia.com/advisories/21516
- http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html
- http://www.securityfocus.com/bid/19549
- http://www.vupen.com/english/advisories/2006/3290
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28408
- http://secunia.com/advisories/21516
- http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html
- http://www.securityfocus.com/bid/19549
- http://www.vupen.com/english/advisories/2006/3290
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28408
Products affected by CVE-2006-4232
-
cpe:2.3:a:globus:globus_toolkit:3.2.0
-
cpe:2.3:a:globus:globus_toolkit:4.0.0
-
cpe:2.3:a:globus:globus_toolkit:4.1.0