10

CVE-2012-3416

Condor before 7.8.2 allows remote attackers to bypass host-based authentication and execute actions such as ALLOW_ADMINISTRATOR or ALLOW_WRITE by connecting from a system with a spoofed reverse DNS hostname.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Condor ProjectCondor Version <= 7.8.1
Condor ProjectCondor Version6.5.4
Condor ProjectCondor Version6.8.0
Condor ProjectCondor Version6.8.1
Condor ProjectCondor Version6.8.2
Condor ProjectCondor Version6.8.3
Condor ProjectCondor Version6.8.4
Condor ProjectCondor Version6.8.5
Condor ProjectCondor Version6.8.6
Condor ProjectCondor Version6.8.7
Condor ProjectCondor Version6.8.8
Condor ProjectCondor Version6.8.9
Condor ProjectCondor Version7.00
Condor ProjectCondor Version7.0.0
Condor ProjectCondor Version7.0.1
Condor ProjectCondor Version7.0.2
Condor ProjectCondor Version7.0.3
Condor ProjectCondor Version7.0.4
Condor ProjectCondor Version7.0.5
Condor ProjectCondor Version7.0.6
Condor ProjectCondor Version7.01
Condor ProjectCondor Version7.1.0
Condor ProjectCondor Version7.1.1
Condor ProjectCondor Version7.1.2
Condor ProjectCondor Version7.1.3
Condor ProjectCondor Version7.1.4
Condor ProjectCondor Version7.02
Condor ProjectCondor Version7.2.0
Condor ProjectCondor Version7.2.1
Condor ProjectCondor Version7.2.2
Condor ProjectCondor Version7.2.3
Condor ProjectCondor Version7.2.4
Condor ProjectCondor Version7.03
Condor ProjectCondor Version7.3.0
Condor ProjectCondor Version7.3.1
Condor ProjectCondor Version7.3.2
Condor ProjectCondor Version7.4.0
Condor ProjectCondor Version7.4.1
Condor ProjectCondor Version7.8.0
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.1% 0.913
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://osvdb.org/84766
http://research.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2012-0002.html
http://rhn.redhat.com/errata/RHSA-2012-1168.html
http://rhn.redhat.com/errata/RHSA-2012-1169.html
http://secunia.com/advisories/50246
Vendor Advisory
http://secunia.com/advisories/50294
Vendor Advisory
http://www.securityfocus.com/bid/55032
http://www.securitytracker.com/id?1027395
https://exchange.xforce.ibmcloud.com/vulnerabilities/77748