Vulnerability Description
Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Globus | Globus Toolkit | 3.2.0 |
References
- http://secunia.com/advisories/21516PatchVendor Advisory
- http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.htmlPatch
- http://www.securityfocus.com/bid/19549Patch
- http://www.vupen.com/english/advisories/2006/3290
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28408
- http://secunia.com/advisories/21516PatchVendor Advisory
- http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.htmlPatch
- http://www.securityfocus.com/bid/19549Patch
- http://www.vupen.com/english/advisories/2006/3290
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28408
FAQ
What is CVE-2006-4232?
CVE-2006-4232 is a vulnerability with a CVSS score of 1.2 (LOW). Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file...
How severe is CVE-2006-4232?
CVE-2006-4232 has been rated LOW with a CVSS base score of 1.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2006-4232?
Check the references section above for vendor advisories and patch information. Affected products include: Globus Globus Toolkit.