Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
3.5
CVSSv2

CVE-2013-4255

Published: 11/10/2013 Updated: 15/07/2021
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P
Subscribe to Condor Project

Vulnerability Summary

The policy definition evaluator in Condor 7.5.4, 8.0.0, and previous versions does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

condor project condor 7.5.4

condor project condor

redhat enterprise mrg 2.1

redhat enterprise mrg 2.3

redhat enterprise mrg 2.0

redhat enterprise mrg 2.2

Vendor Advisories

Debian CVElist Bug Report Logs: condor: CVE-2013-4255
Debian Bug report logs - #721693 condor: CVE-2013-4255 Package: condor; Maintainer for condor is HTCondor Developers <condor-debian@cswiscedu>; Source for condor is src:condor (PTS, buildd, popcon) Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 3 Sep 2013 06:18:02 UTC Severity: important Tags: securi ...
Red Hat: Moderate: condor security update
Synopsis Moderate: condor security update Type/Severity Security Advisory: Moderate Topic Updated condor packages that fix one security issue are now available forRed Hat Enterprise MRG 23 for Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having moderatesecurity imp ...
Red Hat: Moderate: condor security update
Synopsis Moderate: condor security update Type/Severity Security Advisory: Moderate Topic Updated condor packages that fix one security issue are now available forRed Hat Enterprise MRG 23 for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity imp ...
Red Hat: CVE-2013-4255
The policy definition evaluator in Condor 754, 800, and earlier does not properly handle attributes in a (1) PREEMPT, (2) SUSPEND, (3) CONTINUE, (4) WANT_VACATE, or (5) KILL policy that evaluate to an Unconfigured, Undefined, or Error state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted ...

References

CWE-20https://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=3829https://bugzilla.redhat.com/show_bug.cgi?id=919401http://rhn.redhat.com/errata/RHSA-2013-1171.htmlhttps://htcondor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1786http://rhn.redhat.com/errata/RHSA-2013-1172.htmlhttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=721693https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2013-4255
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907hardcodedinjectCVE-2024-20359CVE-2024-2467CVE-2024-4077CVE-2024-22391cameraCVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook