Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-07-31 15:41
Updated : 2017-08-07 18:31
NVD link : CVE-2008-3424
Mitre link : CVE-2008-3424
JSON object : View
CWE
CWE-264
Permissions, Privileges, and Access Controls
Products Affected
condor_project
- condor