CVE-2011-4930

Published Feb 10, 2014

Last updated 2 years ago

Overview

Description: Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
Source: secalert@redhat.com
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 4.4
Impact score: 6.4
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-134

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FE91D459-EF92-430A-98E8-1131D8BD8682"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E0C54D26-9124-49E6-8EBA-00AE0640633A"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4F3AD33E-A617-4C13-8858-7DCEDE3FDC87"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C66F0D08-3AE5-482A-B6AD-717475EB2D9C"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.2.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FDAC286B-A140-44E8-9B29-60B96A6B4555"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.2.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14883865-8C31-4D40-B969-D61FE18920C7"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.3.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F44106D-CD31-4FF2-A589-A7A7492FC0CC"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.3.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D973598A-90C0-4AE0-A047-17866BD6DC46"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.3.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "05A424B0-D3AF-4AF6-8575-4AD6B8E91E51"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.4.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7AA2890-BEC9-4AD6-AF74-6EC810E22AEF"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "68301687-793B-4A68-B1FB-A2B941A230C4"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55E4CE41-D1AF-4187-AA26-FCDEA2F52E0B"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8464E672-FEB8-4EC2-97EA-D6615DB22F28"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2260133-CF29-4F2F-A05E-ED5FF10F190A"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DF8B138A-F2DF-4B12-8B00-CC234D7E4BFD"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33F6FDB7-FB85-4879-81E8-CBC0BA027C85"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.6.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1A225C35-3DF2-4C5A-B3D6-BC70FCB6C241"
          },
          {
            "criteria": "cpe:2.3:a:condor_project:condor:7.6.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E4BA94AB-761B-44BB-A188-FC609789BF30"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9396E005-22D8-4342-9323-C7DEA379191D"
          },
          {
            "criteria": "cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "706C6399-CAD1-46E3-87A2-8DFE2CF497ED"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_mrg:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60D3DD4A-2984-4929-BF6A-30B8CE9B2974"
          },
          {
            "criteria": "cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C60FA8B1-1802-4522-A088-22171DCF7A93"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References