CVE-2011-4930

EUVD-2011-4840
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.4 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 26%
Affected Products (NVD)
VendorProductVersion
condor_projectcondor
7.2.0
condor_projectcondor
7.2.1
condor_projectcondor
7.2.2
condor_projectcondor
7.2.3
condor_projectcondor
7.2.4
condor_projectcondor
7.2.5
condor_projectcondor
7.3.0
condor_projectcondor
7.3.1
condor_projectcondor
7.3.2
condor_projectcondor
7.4.0
condor_projectcondor
7.4.1
condor_projectcondor
7.4.2
condor_projectcondor
7.5.4
condor_projectcondor
7.6.0
condor_projectcondor
7.6.1
condor_projectcondor
7.6.2
condor_projectcondor
7.6.3
condor_projectcondor
7.6.4
redhatenterprise_mrg
1.3
redhatenterprise_mrg
2.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
condor
sid
23.6.2+dfsg-2
fixed
trixie
23.6.2+dfsg-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
condor
hardy
dne
lucid
ignored
maverick
ignored
natty
ignored
oneiric
ignored
precise
dne
quantal
not-affected
raring
not-affected
saucy
not-affected
Common Weakness Enumeration
References
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html
http://rhn.redhat.com/errata/RHSA-2012-0099.html
http://rhn.redhat.com/errata/RHSA-2012-0100.html
https://bugzilla.redhat.com/show_bug.cgi?id=759548
https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867
https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264
https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429
https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660
http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html
http://rhn.redhat.com/errata/RHSA-2012-0099.html
http://rhn.redhat.com/errata/RHSA-2012-0100.html
https://bugzilla.redhat.com/show_bug.cgi?id=759548
https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867
https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264
https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429
https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660