Multiple Format String Vulnerabilities in Condor 7.2.0 through 7.6.4 and possibly certain 7.7.x versions

Multiple Format String Vulnerabilities in Condor 7.2.0 through 7.6.4 and possibly certain 7.7.x versions

CVE-2011-4930 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.

Learn more about our User Device Pen Test.