Описание
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 7.8.2~dfsg.1-1+deb7u1 |
| hardy | DNE | |
| lucid | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | DNE | |
| quantal | not-affected | 7.8.2~dfsg.1-1+deb7u1 |
| raring | not-affected | 7.8.2~dfsg.1-1+deb7u1 |
| saucy | not-affected | 7.8.2~dfsg.1-1+deb7u1 |
| upstream | needs-triage |
Показывать по
EPSS
6.4 Medium
CVSS2
Связанные уязвимости
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor ...
The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
EPSS
6.4 Medium
CVSS2