{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-10-08T00:00:00", "descriptions": [{"lang": "en", "value": "Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2009-02-10T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"}, {"name": "1021002", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1021002"}, {"name": "RHSA-2008:0924", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"}, {"name": "32232", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32232"}, {"name": "32189", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32189"}, {"name": "31621", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/31621"}, {"name": "FEDORA-2008-8733", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"}, {"name": "32193", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/32193"}, {"name": "RHSA-2008:0911", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"}, {"name": "ADV-2008-2760", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2760"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:53:00.315Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"}, {"name": "1021002", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1021002"}, {"name": "RHSA-2008:0924", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"}, {"name": "32232", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32232"}, {"name": "32189", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32189"}, {"name": "31621", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/31621"}, {"name": "FEDORA-2008-8733", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"}, {"name": "32193", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/32193"}, {"name": "RHSA-2008:0911", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"}, {"name": "ADV-2008-2760", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2760"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-3830", "datePublished": "2008-10-08T20:44:00", "dateReserved": "2008-08-27T00:00:00", "dateUpdated": "2024-08-07T09:53:00.315Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:condor_project:condor:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC1ED29E-B24F-4233-A506-38C078DA3A0C", "versionEndIncluding": "7.0.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "D8E5E567-70BE-4C89-85BD-75BCA71D8DBC", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "C82D2C15-DFD1-40E0-86FC-F48263416AA3", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "B0C8D4B5-3A8A-42BA-8C9A-98989FA23A65", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "EA32C2CA-B61F-449B-B90A-054AF177C296", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "03F817A5-9926-4AB5-8D25-8B68DC905B05", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "52BDAA46-4598-4DC2-8B1B-D85CBF649133", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "524D6F4F-4715-4F68-A069-87CDEF8BB5DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "3219F472-97A7-4A8E-A45C-DBFB3E25AA17", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "EB2B77EF-FEC9-4433-8A15-5DF7F51B056D", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:6.8.9:*:*:*:*:*:*:*", "matchCriteriaId": "6B67DCD1-6A39-4E77-AE65-9FADD3A267FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.0:*:*:*:*:*:*:*", "matchCriteriaId": "324BAB04-B03E-499C-B58D-320D14740606", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "16892FC7-5870-45A8-ABFE-D8EE5A565FF5", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C5E7E0F2-825E-4D21-A250-BEECBDDE3C6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:condor_project:condor:7.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "8E6BB9D8-6394-4317-90DF-475DE0FF0567", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions."}, {"lang": "es", "value": "Condor anterior a v7.0.5 no maneja adecuadamente cuando la configuraci\u00f3n especifica un solapamiento de m\u00e1scaras de red en las reglas de \"alow\" (permitir) o \"deny\" (denegar); esto provoca que se ignore la regla y permite a los atacantes evitar las restricciones de acceso pretendidas."}], "id": "CVE-2008-3830", "lastModified": "2011-03-08T03:11:28.610", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-10-08T22:00:01.950", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/32189"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32193"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32232"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://www.cs.wisc.edu/condor/manual/v7.0/8_3Stable_Release.html#SECTION00931000000000000000"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0911.html"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0924.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/31621"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1021002"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/2760"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00264.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2008:0924", "cpe": "cpe:/a:redhat:enterprise_mrg:1.0::el4", "package": "condor-0:7.0.5-2.el4", "product_name": "Grid for MRG on RHEL-4", "release_date": "2008-10-07T00:00:00Z"}, {"advisory": "RHSA-2008:0911", "cpe": "cpe:/a:redhat:enterprise_mrg:1::el5", "package": "condor-0:7.0.5-2.el5", "product_name": "MRG for RHEL-5", "release_date": "2008-10-07T00:00:00Z"}], "bugzilla": {"description": "condor: allow or deny with overlapping netmasks may be ignored", "id": "463997", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=463997"}, "csaw": false, "details": ["Condor before 7.0.5 does not properly handle when the configuration specifies overlapping netmasks in allow or deny rules, which causes the rule to be ignored and allows attackers to bypass intended access restrictions."], "name": "CVE-2008-3830", "public_date": "2008-10-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2008-3830\nhttps://nvd.nist.gov/vuln/detail/CVE-2008-3830"], "threat_severity": "Moderate"}