The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2012-09-28 10:55
Updated : 2012-10-02 21:00
NVD link : CVE-2012-3492
Mitre link : CVE-2012-3492
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
condor_project
- condor