Info

Disclosure

Jul 19, 2011

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Jul 19, 2011

Description

Condor is prone to an overflow condition. This issue is triggered when condor_history fails to properly handle constraint expressions, which will result in an overflow. With a specially crafted constraint expression that is larger than 512 characters, an attacker can potentially cause a denial of service and potentially execute arbitrary code.

Classification

Location: Location Unknown
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Exploit: Exploit Unknown
Disclosure: Vendor Verified

Solution

Upgrade to version 7.6.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Condor Team

Condor

7.6.1

References

Related OSVDB ID: 86250
Vendor URL: http://research.cs.wisc.edu/condor/
Vendor Specific News/Changelog Entry: http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/86249