Vulnerability Description
Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Condor Project | Condor | <= 7.0.4 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/32189Vendor Advisory
- http://secunia.com/advisories/32193
- http://secunia.com/advisories/32232
- http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000Vendor Advisory
- http://www.redhat.com/support/errata/RHSA-2008-0911.html
- http://www.redhat.com/support/errata/RHSA-2008-0924.html
- http://www.securityfocus.com/bid/31621
- http://www.securitytracker.com/id?1021002
- http://www.vupen.com/english/advisories/2008/2760
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.ht
- http://secunia.com/advisories/32189Vendor Advisory
- http://secunia.com/advisories/32193
- http://secunia.com/advisories/32232
- http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000Vendor Advisory
- http://www.redhat.com/support/errata/RHSA-2008-0911.html
FAQ
What is CVE-2008-3830?
CVE-2008-3830 is a vulnerability with a CVSS score of 7.2 (HIGH). Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended a...
How severe is CVE-2008-3830?
CVE-2008-3830 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3830?
Check the references section above for vendor advisories and patch information. Affected products include: Condor Project Condor.