Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-3459

Overview

Vulnerability Score 4.9 4.9
CVE Id CVE-2012-3459
Last Modified 24 Nov 2013 11:26:44
Published 28 Sep 2012 01:55:01
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-3459

Summary

Cumin before 0.1.5444, as used in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0, allows remote authenticated users to modify Condor attributes and possibly gain privileges via crafted additional parameters in an HTTP POST request, which triggers a job attribute change request to Condor.

Vulnerable Systems

Application

  • Redhat Enterprise Mrg 2.0

  • Trevor Mckay Cumin 0.1.3160-1

  • Trevor Mckay Cumin 0.1.4369-1

  • Trevor Mckay Cumin 0.1.4410-2

  • Trevor Mckay Cumin 0.1.4494-1

  • Trevor Mckay Cumin 0.1.4794-1

  • Trevor Mckay Cumin 0.1.4916-1

  • Trevor Mckay Cumin 0.1.5033-1

  • Trevor Mckay Cumin 0.1.5037-1

  • Trevor Mckay Cumin 0.1.5054-1

  • Trevor Mckay Cumin 0.1.5068-1

  • Trevor Mckay Cumin 0.1.5092-1

  • Trevor Mckay Cumin 0.1.5098-2

  • Trevor Mckay Cumin 0.1.5105-1

  • Trevor Mckay Cumin 0.1.5137-1

  • Trevor Mckay Cumin 0.1.5137-2

  • Trevor Mckay Cumin 0.1.5137-3

  • Trevor Mckay Cumin 0.1.5137-4

  • Trevor Mckay Cumin 0.1.5137-5

  • Trevor Mckay Cumin 0.1.5192-1

  • Trevor Mckay Cumin 0.1.5192-4


References

BID - 55632

SECUNIA - 50666

REDHAT - RHSA-2012:1281

REDHAT - RHSA-2012:1278

MISC - http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=846501

SECUNIA - 50660


Last Updated: 27 May 2016 11:00:50