CVE-2008-3830
First published: Wed Oct 08 2008(Updated: )
Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| HTCondor | <=7.0.4 | |
| HTCondor | =6.8.0 | |
| HTCondor | =6.8.1 | |
| HTCondor | =6.8.2 | |
| HTCondor | =6.8.3 | |
| HTCondor | =6.8.4 | |
| HTCondor | =6.8.5 | |
| HTCondor | =6.8.6 | |
| HTCondor | =6.8.7 | |
| HTCondor | =6.8.8 | |
| HTCondor | =6.8.9 | |
| HTCondor | =7.0.0 | |
| HTCondor | =7.0.1 | |
| HTCondor | =7.0.2 | |
| HTCondor | =7.0.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://secunia.com/advisories/32193
- http://www.securityfocus.com/bid/31621
- http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000
- http://www.securitytracker.com/id?1021002
- http://www.redhat.com/support/errata/RHSA-2008-0924.html
- http://www.redhat.com/support/errata/RHSA-2008-0911.html
- http://secunia.com/advisories/32189
- http://secunia.com/advisories/32232
- https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html
- http://www.vupen.com/english/advisories/2008/2760
Frequently Asked Questions
What is the severity of CVE-2008-3830?
CVE-2008-3830 is classified as a medium severity vulnerability due to its potential to allow unauthorized access.
How do I fix CVE-2008-3830?
To fix CVE-2008-3830, upgrade to HTCondor version 7.0.5 or later.
What specific versions of HTCondor are affected by CVE-2008-3830?
CVE-2008-3830 affects HTCondor versions up to 7.0.4 and all 6.8.x versions.
What does CVE-2008-3830 exploit in HTCondor?
CVE-2008-3830 exploits the improper handling of overlapping netmasks in allow or deny rules.
Can CVE-2008-3830 lead to data breaches?
Yes, CVE-2008-3830 can potentially lead to unauthorized access, which may result in data breaches.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/event
- agent/first-publish-date
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/condor project
- canonical/htcondor
- version/htcondor/7.0.4
- version/htcondor/6.8.0
- version/htcondor/6.8.1
- version/htcondor/6.8.2
- version/htcondor/6.8.3
- version/htcondor/6.8.4
- version/htcondor/6.8.5
- version/htcondor/6.8.6
- version/htcondor/6.8.7
- version/htcondor/6.8.8
- version/htcondor/6.8.9
- version/htcondor/7.0.0
- version/htcondor/7.0.1
- version/htcondor/7.0.2
- version/htcondor/7.0.3