The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
History
21 Nov 2024, 01:55
Type | Values Removed | Values Added |
---|---|---|
References | () http://rhn.redhat.com/errata/RHSA-2013-1171.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2013-1172.html - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=919401 - | |
References | () https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786 - | |
References | () https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829 - |
15 Jul 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_mrg:2.1:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_mrg:2.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_mrg:2.2:*:*:*:*:*:*:* |
Information
Published : 2013-10-11 22:55
Updated : 2024-11-21 01:55
NVD link : CVE-2013-4255
Mitre link : CVE-2013-4255
CVE.ORG link : CVE-2013-4255
JSON object : View
Products Affected
redhat
- enterprise_mrg
condor_project
- condor
CWE
CWE-20
Improper Input Validation