Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Condor 格式化字符串漏洞
Vulnerability Description
Condor(现称HTCondor)是美国威斯康星大学麦迪逊分校所开发的一套用来管理计算密集型任务的批处理队列系统。该系统是通过一个高吞吐量的计算(HTC)环境实现的,并提供任务队列机制、调度策略等功能。 Red Hat MRG Grid中使用的Condor 7.2.0至7.6.4版本中存在格式化字符串漏洞。本地攻击者可借助使用XML用户日志的任务格式化字符串说明符或传输文件的文件名中的格式化字符串说明符,利用该漏洞造成拒绝服务(condor_schedd守护进程和启动任务失败),也可能执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A