Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2009-12-23T18:00:00

Updated: 2024-08-07T06:54:09.951Z

Reserved: 2009-12-01T00:00:00

Link: CVE-2009-4133

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-12-23T18:30:00.687

Modified: 2024-11-21T01:08:59.593

Link: CVE-2009-4133

cve-icon Redhat

Severity : Moderate

Publid Date: 2010-01-15T00:00:00Z

Links: CVE-2009-4133 - Bugzilla