CVE-2011-4930

10.02.2014, 18:15

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4.4 UNKNOWN	LOCAL	MEDIUM		AV:L/AC:M/Au:N/C:P/I:P/A:P
redhat	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 28%

Vendor	Product	Version
condor_project	condor	7.2.0
condor_project	condor	7.2.1
condor_project	condor	7.2.2
condor_project	condor	7.2.3
condor_project	condor	7.2.4
condor_project	condor	7.2.5
condor_project	condor	7.3.0
condor_project	condor	7.3.1
condor_project	condor	7.3.2
condor_project	condor	7.4.0
condor_project	condor	7.4.1
condor_project	condor	7.4.2
condor_project	condor	7.5.4
condor_project	condor	7.6.0
condor_project	condor	7.6.1
condor_project	condor	7.6.2
condor_project	condor	7.6.3
condor_project	condor	7.6.4
redhat	enterprise_mrg	1.3
redhat	enterprise_mrg	2.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

condor

sid	23.6.2+dfsg-2 fixed
trixie	23.6.2+dfsg-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

condor

saucy	not-affected
raring	not-affected
quantal	not-affected
precise	dne
oneiric	ignored
natty	ignored
maverick	ignored
lucid	ignored
hardy	dne

Common Weakness Enumeration

CWE-134 - Use of Externally-Controlled Format String
The software uses a function that accepts a format string as an argument, but the format string originates from an external source.

References

http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html

http://rhn.redhat.com/errata/RHSA-2012-0099.html

http://rhn.redhat.com/errata/RHSA-2012-0100.html

https://bugzilla.redhat.com/show_bug.cgi?id=759548

https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867

https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264

https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429

https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660

http://research.cs.wisc.edu/htcondor/security/vulnerabilities/CONDOR-2012-0001.html

http://rhn.redhat.com/errata/RHSA-2012-0099.html

http://rhn.redhat.com/errata/RHSA-2012-0100.html

https://bugzilla.redhat.com/show_bug.cgi?id=759548

https://htcondor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=5e5571d1a431eb3c61977b6dd6ec90186ef79867

https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28264

https://htcondor-wiki.cs.wisc.edu/index.cgi/chngview?cn=28429

https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=2660