Your submission was sent successfully! Close

CVE-2012-3492

Published: 28 September 2012

The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.

Priority

Low

Status

Package Release Status
condor
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(7.8.2~dfsg.1-1+deb7u1)