CVE-2012-3490 - OpenCVE

The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Wisc	Htcondor

Configuration 1 [-]

OR	cpe:2.3:a:wisc:htcondor::::::::
	cpe:2.3:a:wisc:htcondor::::::::

References

Link	Resource
http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4
http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html	Release Notes Third Party Advisory
http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html	Release Notes Third Party Advisory
http://www.openwall.com/lists/oss-security/2012/09/20/9	Mailing List Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490	Issue Tracking Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2020-01-09T20:23:57

Updated: 2020-01-09T20:23:57

Reserved: 2012-06-14T00:00:00

Link: CVE-2012-3490

JSON object: View

NVD Information

Status : Modified

Published: 2020-01-09T21:15:11.200

Modified: 2023-11-07T02:11:35.900

Link: CVE-2012-3490

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Condor", "vendor": "Condor", "versions": [{"status": "affected", "version": "7.6.x before 7.6.10 and 7.8.x before 7.8.4"}]}], "datePublic": "2012-09-19T00:00:00", "descriptions": [{"lang": "en", "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."}], "problemTypes": [{"descriptions": [{"description": "Other", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-09T20:23:57", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4"}, {"tags": ["x_refsource_MISC"], "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"tags": ["x_refsource_MISC"], "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"tags": ["x_refsource_MISC"], "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-3490", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Condor", "version": {"version_data": [{"version_value": "7.6.x before 7.6.10 and 7.8.x before 7.8.4"}]}}]}, "vendor_name": "Condor"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Other"}]}]}, "references": {"reference_data": [{"name": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4", "refsource": "MISC", "url": "http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=94e84ce4"}, {"name": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html", "refsource": "MISC", "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"name": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html", "refsource": "MISC", "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"name": "http://www.openwall.com/lists/oss-security/2012/09/20/9", "refsource": "MISC", "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-3490", "datePublished": "2020-01-09T20:23:57", "dateReserved": "2012-06-14T00:00:00", "dateUpdated": "2020-01-09T20:23:57", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*", "matchCriteriaId": "6A3AFBA2-7944-4C71-AE8A-2D41F248B002", "versionEndExcluding": "7.6.10", "versionStartIncluding": "7.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:wisc:htcondor:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D81B622-EE32-4168-9113-6AA4FC37BD82", "versionEndExcluding": "7.8.4", "versionStartIncluding": "7.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The (1) my_popenv_impl and (2) my_spawnv functions in src/condor_utils/my_popen.cpp and the (3) systemCommand function in condor_vm-gahp/vmgahp_common.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created with root privileges and allow remote attackers to gain privileges via unspecified vectors."}, {"lang": "es", "value": "Las funciones (1) my_popenv_impl y (2) my_spawnv en el archivo src/condor_utils/my_popen.cpp y la funci\u00f3n (3) systemCommand en el archivo condor_vm-gahp/vmgahp_common.cpp en Condor versiones 7.6.x anteriores a 7.6.10 y versiones 7.8.x anteriores a 7.8.4 no comprueba apropiadamente el valor de retorno de las llamadas de setuid, lo que puede causar que un subproceso o hilo sea creado con privilegios root y permitir a atacantes remotos obtener privilegios por medio de vectores no especificados."}], "id": "CVE-2012-3490", "lastModified": "2023-11-07T02:11:35.900", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 9.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-09T21:15:11.200", "references": [{"source": "secalert@redhat.com", "url": "http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=94e84ce4"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html"}, {"source": "secalert@redhat.com", "tags": ["Release Notes", "Third Party Advisory"], "url": "http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2012/09/20/9"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-3490"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}