CVE-2012-3493
published 2012-09-28CVE-2012-3493: The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain…
medium5.8CVSS 3.1
AVNACMAuNCPIPAN
The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.
Affected
17 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | — | — |
| condor_project | condor | >= 0 < 7.8.2~dfsg.1-1+deb7u1 | 7.8.2~dfsg.1-1+deb7u1 |
| condor_project | condor | >= 0 < 7.8.2~dfsg.1-1+deb7u1 | 7.8.2~dfsg.1-1+deb7u1 |
| debian | condor | < condor 7.8.2~dfsg.1-1+deb7u1 (forky) | condor 7.8.2~dfsg.1-1+deb7u1 (forky) |
CVSS provenance
nvd5.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:N
osv5.8MEDIUM