Shodan
Vulnerabilities
Vulnerable Software
Condor Project:  >> Condor  >> 7.6.5  Security Vulnerabilities
CVE-2013-4255
The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
CVSS Score
3.5
EPSS Score
0.007
Published
2013-10-11
CVE-2012-3491
src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.011
Published
2012-09-28
CVE-2012-3492
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
CVSS Score
6.4
EPSS Score
0.007
Published
2012-09-28
CVE-2012-3493
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
CVSS Score
5.8
EPSS Score
0.008
Published
2012-09-28
CVE-2012-5196
Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors.
CVSS Score
10.0
EPSS Score
0.008
Published
2012-09-28
CVE-2012-5197
Multiple unspecified vulnerabilities in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors related to "error checking of system calls."
CVSS Score
10.0
EPSS Score
0.007
Published
2012-09-28
CVE-2012-3416
Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
CVSS Score
10.0
EPSS Score
0.045
Published
2012-08-25


Products
Pricing
Contact Us

Shodan ® - All rights reserved