Lucene search
+L
GlobusGlobus Toolkit

5 matches found

CVE
CVE
added 2012/06/07 8:0 p.m.58 views

CVE-2012-3292

CVE-2012-3292 affects the GridFTP component of Globus Toolkit (GT) prior to 5.2.2, where insufficient validation of a name lookup (getpwnam_r) could cause privilege escalation if a login uses a non-existent user, allowing GridFTP to run as the last user in the password file. Public references in ...

7.6CVSS6.7AI score0.03102EPSS
CVE
CVE
added 2007/05/21 11:0 p.m.53 views

CVE-2007-2784

CVE-2007-2784 describes an unspecified vulnerability in the globus-job-manager component of the Globus Toolkit 4.1.1 and earlier (also affecting globus_nexus-6.6 and earlier ). The issue allows remote attackers to cause a denial of service through certain requests to temporary TCP ports used by a...

7.8CVSS6.7AI score0.01978EPSS
CVE
CVE
added 2011/02/02 12:0 a.m.48 views

CVE-2011-0738

CVE-2011-0738 affects MyProxy 5.0–5.2 (used in Globus Toolkit 5.0.0–5.0.2). The vulnerability is a failure to properly verify the myproxy-server certificate’s hostname/identity in X.509, enabling remote attackers to spoof the server and perform MITM via a crafted certificate when running myproxy-...

4.3CVSS6.5AI score0.01585EPSS
CVE
CVE
added 2006/08/18 7:55 p.m.45 views

CVE-2006-4233

Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 are affected by a local‑only race condition in temporary file handling (in /tmp) that can let an attacker obtain proxy certificates and overwrite arbitrary files via a symlink attack. The issue is demonstrated by files created by myproxy-admi...

3.6CVSS5.9AI score0.00273EPSS
CVE
CVE
added 2006/08/18 7:55 p.m.43 views

CVE-2006-4232

CVE-2006-4232 : A race condition in the grid-proxy-init tool of Globus Toolkit (versions 3.2.x, 4.0.x, 4.1.0 before 20060815) allows local attackers to steal credential data by replacing the proxy credentials file between its creation and the check for exclusive access. The vulnerability arises f...

1.2CVSS6.2AI score0.00343EPSS