CVE-2008-3424

Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:condor_project:condor:7.0.3:*:*:*:*:*:*:*
cpe:2.3:a:condor_project:condor:*:*:*:*:*:*:*:*
cpe:2.3:a:condor_project:condor:7.0.0:*:*:*:*:*:*:*
cpe:2.3:a:condor_project:condor:7.0.1:*:*:*:*:*:*:*
cpe:2.3:a:condor_project:condor:7.0.2:*:*:*:*:*:*:*

Information

Published : 2008-07-31 15:41

Updated : 2017-08-07 18:31


NVD link : CVE-2008-3424

Mitre link : CVE-2008-3424


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

condor_project

  • condor