{"containers": {"cna": {"affected": [{"product": "Condor", "vendor": "Condor", "versions": [{"status": "affected", "version": "7.6.x before 7.6.10 and 7.8.x before 7.8.4"}]}], "datePublic": "2012-09-19T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "Other", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-09T20:23:57.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4"}, {"tags": ["x_refsource_MISC"], "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"tags": ["x_refsource_MISC"], "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-3490", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Condor", "version": {"version_data": [{"version_value": "7.6.x before 7.6.10 and 7.8.x before 7.8.4"}]}}]}, "vendor_name": "Condor"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Other"}]}]}, "references": {"reference_data": [{"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4", "refsource": "MISC", "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4"}, {"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html", "refsource": "MISC", "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html", "refsource": "MISC", "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"name": "http://www.openwall.com/lists/oss-security/2012/09/20/9", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:05:12.539Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-3490", "datePublished": "2020-01-09T20:23:57.000Z", "dateReserved": "2012-06-14T00:00:00.000Z", "dateUpdated": "2024-08-06T20:05:12.539Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A3AFBA2-7944-4C71-AE8A-2D41F248B002", "versionEndExcluding": "7.6.10", "versionStartIncluding": "7.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D81B622-EE32-4168-9113-6AA4FC37BD82", "versionEndExcluding": "7.8.4", "versionStartIncluding": "7.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."}, {"lang": "es", "value": "Las funciones (1) my_popenv_impl y (2) my_spawnv en el archivo src/condor_utils/my_popen.cpp y la funci\u00f3n (3) systemCommand en el archivo condor_vm-gahp/vmgahp_common.cpp en Condor versiones 7.6.x anteriores a 7.6.10 y versiones 7.8.x anteriores a 7.8.4 no comprueba apropiadamente el valor de retorno de las llamadas de setuid, lo que puede causar que un subproceso o hilo sea creado con privilegios root y permitir a atacantes remotos obtener privilegios por medio de vectores no especificados."}], "id": "CVE-2012-3490", "lastModified": "2024-11-21T01:40:59.050", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-09T21:15:11.200", "references": [{"source": "secalert@redhat.com", "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Florian Weimer (Red Hat Product Security Team).", "bugzilla": {"description": "condor: does not check return value of setuid and similar calls, exploitable via VMware support", "id": "848212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=848212"}, "csaw": false, "cvss": {"cvss_base_score": "4.6", "cvss_scoring_vector": "AV:N/AC:H/Au:S/C:P/I:P/A:P", "status": "draft"}, "details": ["The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."], "name": "CVE-2012-3490", "package_state": [{"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "condor", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2012-09-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-3490\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-3490"], "statement": "Not vulnerable. This issue did not affect the versions of condor as shipped with Red Hat Enterprise MRG as it does not include the vulnerable code (VMware support is not compiled in).", "threat_severity": "Moderate"}

{}