Candidate: CVE-2012-3492
PublicDate: 2012-09-28 17:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3492
 https://rhn.redhat.com/errata/RHSA-2012-1278.html
Description:
 The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor
 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories
 even when they have weak permissions, which allows remote attackers to
 impersonate users by renaming a user's authentication directory.
Ubuntu-Description:
Notes:
Bugs:
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688210
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_condor:
upstream_condor: needs-triage
hardy_condor: DNE
lucid_condor: ignored (reached end-of-life)
natty_condor: ignored (reached end-of-life)
oneiric_condor: ignored (reached end-of-life)
precise_condor: DNE
quantal_condor: not-affected (7.8.2~dfsg.1-1+deb7u1)
raring_condor: not-affected (7.8.2~dfsg.1-1+deb7u1)
saucy_condor: not-affected (7.8.2~dfsg.1-1+deb7u1)
devel_condor: not-affected (7.8.2~dfsg.1-1+deb7u1)