Skip to content
High Published: Jul 31, 2008 Modified: Apr 09, 2025

CVE-2008-3424

7.5 CVSS Score High
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Export CVE-2008-3424 Data:
Share:
Link copied!

Description

Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions.

CVSS Vector Details

Attack Vector Network
Attack Complexity Low
Confidentiality P
Integrity P
Availability P

Affected Software Configurations

  • a condor_project condor * * * * * * * *
  • o fedoraproject fedora 9 * * * * * * *

Weaknesses (CWE)

  • CWE-863

References & External Links

External Resources

NVD Official Record Exploit-DB Search Exploits CVE Details Statistics GitHub PoC / Tools X / Twitter Discussions Google Search More

Related Vulnerabilities

CVE-2001-1155 CVSS 9.8 Same weakness: CWE-863 CVE-2005-2136 CVSS 0 Same weakness: CWE-863 CVE-2006-6679 CVSS 7.5 Same weakness: CWE-863 CVE-2007-2586 CVSS 0 Same weakness: CWE-863 CVE-2008-0595 CVSS 0 Same weakness: CWE-863

CVE History Timeline

Aug 01, 2008 14:11 Initial Analysis
Aug 08, 2017 01:31 CVE Modified
Jan 12, 2024 20:45 Modified Analysis
May 14, 2024 01:55 CVE Modified
Nov 21, 2024 00:49 CVE Modified
← Back to CVE Tracker