{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2009-12-21T00:00:00.000Z","descriptions":[{"lang":"en","value":"Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-08-16T14:57:01.000Z","orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat"},"references":[{"name":"RHSA-2009:1689","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2009-1689.html"},{"name":"condor-jobs-security-bypass(54984)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"},{"name":"37766","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37766"},{"name":"RHSA-2009:1688","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://www.redhat.com/support/errata/RHSA-2009-1688.html"},{"name":"1023378","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1023378"},{"name":"37443","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/37443"},{"tags":["x_refsource_MISC"],"url":"http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"},{"tags":["x_refsource_CONFIRM"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=544371"},{"name":"37803","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/37803"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"secalert@redhat.com","ID":"CVE-2009-4133","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Condor 6.5.4 through 7.2.4, 7.3.x, and 7.4.0, as used in MRG, Grid for MRG, and Grid Execute Node for MRG, allows remote authenticated users to queue jobs as an arbitrary user, and thereby gain privileges, by using a Condor command-line tool to modify an unspecified job attribute."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"RHSA-2009:1689","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2009-1689.html"},{"name":"condor-jobs-security-bypass(54984)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"},{"name":"37766","refsource":"SECUNIA","url":"http://secunia.com/advisories/37766"},{"name":"RHSA-2009:1688","refsource":"REDHAT","url":"http://www.redhat.com/support/errata/RHSA-2009-1688.html"},{"name":"1023378","refsource":"SECTRACK","url":"http://securitytracker.com/id?1023378"},{"name":"37443","refsource":"BID","url":"http://www.securityfocus.com/bid/37443"},{"name":"http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018","refsource":"MISC","url":"http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"},{"name":"http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html","refsource":"CONFIRM","url":"http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"},{"name":"https://bugzilla.redhat.com/show_bug.cgi?id=544371","refsource":"CONFIRM","url":"https://bugzilla.redhat.com/show_bug.cgi?id=544371"},{"name":"37803","refsource":"SECUNIA","url":"http://secunia.com/advisories/37803"},{"name":"http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000","refsource":"CONFIRM","url":"http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T06:54:09.951Z"},"title":"CVE Program Container","references":[{"name":"RHSA-2009:1689","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2009-1689.html"},{"name":"condor-jobs-security-bypass(54984)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/54984"},{"name":"37766","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37766"},{"name":"RHSA-2009:1688","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://www.redhat.com/support/errata/RHSA-2009-1688.html"},{"name":"1023378","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1023378"},{"name":"37443","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/37443"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://condor-wiki.cs.wisc.edu/index.cgi/tktview?tn=1018"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.cs.wisc.edu/condor/security/vulnerabilities/CONDOR-2009-0001.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=544371"},{"name":"37803","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/37803"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.cs.wisc.edu/condor/manual/v7.4/8_3Stable_Release.html#SECTION00931000000000000000"}]}]},"cveMetadata":{"assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","cveId":"CVE-2009-4133","datePublished":"2009-12-23T18:00:00.000Z","dateReserved":"2009-12-01T00:00:00.000Z","dateUpdated":"2024-08-07T06:54:09.951Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}