Globus: >> Globus Toolkit >> 3.0.2 Security Vulnerabilities
The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnam_r function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the last user in the password file.
CVSS Score
7.6
EPSS Score
0.025
Published
2012-06-07