CVE-2012-3493

描述

The command_give_request_ad function in condor_startd.V6/command.cpp Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 allows remote attackers to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condor_startd port, which leaks the ClaimId.

受影響套件(1)

• Debian/condorfrom 0, < 7.8.2~dfsg.1-1+deb7u1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-3493