The policy definition evaluator in Condor 7.5.4, 8.0.0, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2013-10-11T22:00:00Z

Updated: 2024-08-06T16:38:01.601Z

Reserved: 2013-06-12T00:00:00Z

Link: CVE-2013-4255

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2013-10-11T22:55:39.910

Modified: 2024-11-21T01:55:13.503

Link: CVE-2013-4255

cve-icon Redhat

Severity : Moderate

Publid Date: 2013-08-21T00:00:00Z

Links: CVE-2013-4255 - Bugzilla