Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3830

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-3830
Last Modified 07 Mar 2011 10:11:28
Published 08 Oct 2008 06:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-3830

Summary

Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.

Vulnerable Systems

Application

  • Condor Project Condor 6.8.0

  • Condor Project Condor 6.8.1

  • Condor Project Condor 6.8.2

  • Condor Project Condor 6.8.3

  • Condor Project Condor 6.8.4

  • Condor Project Condor 6.8.5

  • Condor Project Condor 6.8.6

  • Condor Project Condor 6.8.7

  • Condor Project Condor 6.8.8

  • Condor Project Condor 6.8.9

  • Condor Project Condor 7.0.0

  • Condor Project Condor 7.0.1

  • Condor Project Condor 7.0.2

  • Condor Project Condor 7.0.3

  • Condor Project Condor 7.0.4


References

FEDORA - FEDORA-2008-8733

VUPEN - ADV-2008-2760

SECTRACK - 1021002

BID - 31621

REDHAT - RHSA-2008:0924

REDHAT - RHSA-2008:0911

CONFIRM - http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000

SECUNIA - 32232

SECUNIA - 32193

SECUNIA - 32189


Last Updated: 27 May 2016 10:48:19