RHSA-2015:0036 Red Hat Security Advisory: condor security update

Bulletin has no description...

RHSA-2015:0035 Red Hat Security Advisory: condor security update

Bulletin has no description...

RHSA-2009:1689 Red Hat Security Advisory: condor security update

Bulletin has no description...

RHSA-2009:1688 Red Hat Security Advisory: condor security update

Bulletin has no description...

RHSA-2008:0911 Red Hat Security Advisory: condor security, bug fix and enhancement update

Bulletin has no description...

CVE-2013-4255

The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a 1 PREEMPT, 2 SUSPEND, 3 CONTINUE, 4 WANTVACATE, or 5 KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of...

PT-2013-1675 · Red Hat · Condor

Name of the Vulnerable Software and Affected Versions: Condor versions in Red Hat Enterprise MRG 2.3 Description: The issue allows remote attackers to cause a denial of service, resulting in a condor schedd restart, by utilizing square brackets in the cproc option when removing a job. This is due...

CVE-2012-5196

Multiple buffer overflows in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 have unknown impact and attack vectors...

CVE-2012-3491

src/condorschedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors...

CVE-2012-3492

The filesystem authentication condorio/condorauthfs.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory...

CVE-2012-3416

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOWADMINISTRATOR or ALLOWWRITE by connecting from a system with a spoofed reverse DNS hostname...

Condor: queue super user cannot drop privs

Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute...