Candidate: CVE-2011-2925
PublicDate: 2011-09-20 05:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2925
Description:
 Cumin in Red Hat Enterprise Messaging, Realtime, and Grid (MRG) 2.0 records
 broker authentication credentials in a log file, which allows local users
 to bypass authentication and perform unauthorized actions on jobs and
 message queues via a direct connection to the broker.
Ubuntu-Description:
Notes:
 tyhicks> It looks like condor may be affected. Condor and cumin was updated and
 tyhicks> we ship condor. Not sure if Ubuntu shipped version of condor is
 tyhicks> affected.
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=731574
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_condor:
 vendor: http://www.redhat.com/support/errata/RHSA-2011-1250.html
 vendor: http://www.redhat.com/support/errata/RHSA-2011-1249.html
upstream_condor: needs-triage
hardy_condor: DNE
lucid_condor: ignored (reached end-of-life)
maverick_condor: ignored (reached end-of-life)
natty_condor: ignored (reached end-of-life)
oneiric_condor: ignored (reached end-of-life)
precise_condor: DNE
quantal_condor: not-affected (7.8.0~dfsg.1-1)
raring_condor: not-affected (7.8.0~dfsg.1-1)
saucy_condor: not-affected (7.8.0~dfsg.1-1)
devel_condor: not-affected (7.8.0~dfsg.1-1)