CVE-2009-4133

Published: Dec 23, 2009Modified: Apr 23, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute.

Affected (33)

Products: Condor Project: Condor · Redhat: Enterprise Mrg

1 product

1 product

Configuration A

33 vulnerable

Vulnerable Software	Affected Versions
Condor Project Condor	Version 6.5.4
Condor Project Condor	Version 6.8.0
Condor Project Condor	Version 6.8.1
Condor Project Condor	Version 6.8.2
Condor Project Condor	Version 6.8.3
Condor Project Condor	Version 6.8.4
Condor Project Condor	Version 6.8.5
Condor Project Condor	Version 6.8.6
Condor Project Condor	Version 6.8.7
Condor Project Condor	Version 6.8.8
Condor Project Condor	Version 6.8.9
Condor Project Condor	Version 7.0.0
Condor Project Condor	Version 7.0.1
Condor Project Condor	Version 7.0.2
Condor Project Condor	Version 7.0.3
Condor Project Condor	Version 7.0.4
Condor Project Condor	Version 7.0.5
Condor Project Condor	Version 7.0.6
Condor Project Condor	Version 7.1.0
Condor Project Condor	Version 7.1.1
Condor Project Condor	Version 7.1.2
Condor Project Condor	Version 7.1.3
Condor Project Condor	Version 7.1.4
Condor Project Condor	Version 7.2.0
Condor Project Condor	Version 7.2.1
Condor Project Condor	Version 7.2.2
Condor Project Condor	Version 7.2.3
Condor Project Condor	Version 7.2.4
Condor Project Condor	Version 7.3.0
Condor Project Condor	Version 7.3.1
Condor Project Condor	Version 7.3.2
Condor Project Condor	Version 7.4.0
Redhat Enterprise Mrg	Version 1.2

References (22)

http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018

Source: secalert@redhat.com

http://secunia.com/advisories/37766

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/37803

Source: secalert@redhat.com

Vendor Advisory

http://securitytracker.com/id?1023378

Source: secalert@redhat.com

http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000

Source: secalert@redhat.com

Vendor Advisory

http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html

Source: secalert@redhat.com

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2009-1688.html

Source: secalert@redhat.com

http://www.redhat.com/support/errata/RHSA-2009-1689.html

Source: secalert@redhat.com

http://www.securityfocus.com/bid/37443

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=544371

Source: secalert@redhat.com

https://exchange.xforce.ibmcloud.com/vulnerabilities/54984

Source: secalert@redhat.com

http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/37766

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/37803

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://securitytracker.com/id?1023378

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.redhat.com/support/errata/RHSA-2009-1688.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.redhat.com/support/errata/RHSA-2009-1689.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/37443

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=544371

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/54984

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.