CVE-2012-3493

2012-09-28T00:00:00
ID UB:CVE-2012-3493
Type ubuntucve
Reporter ubuntu.com
Modified 2012-09-28T00:00:00

Description

The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.

Bugs

  • <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210>