condor is vulnerable to access control bypass. A flaw was found in the way Condor processes allowed and denied netmasks for access control. If a configuration file contained an overlapping netmask in the allow or deny rules, it could cause that rule to be ignored, allowing unintended access.
CPE | Name | Operator | Version |
---|---|---|---|
condor | eq | 7.0.4__4.el5 | |
condor | eq | 7.0.4__4.el4 | |
condor | eq | 7.0.4__4.el5 | |
condor | eq | 7.0.4__4.el4 |
cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html
secunia.com/advisories/32189
secunia.com/advisories/32193
secunia.com/advisories/32232
www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000
www.redhat.com/security/updates/classification/#moderate
www.redhat.com/support/errata/RHSA-2008-0911.html
www.redhat.com/support/errata/RHSA-2008-0924.html
www.securityfocus.com/bid/31621
www.securitytracker.com/id?1021002
www.vupen.com/english/advisories/2008/2760
access.redhat.com/errata/RHSA-2008:0911
www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html