CVE-2006-4232

Sažetak

Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.

Reference

http://secunia.com/advisories/21516
http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html
http://www.securityfocus.com/bid/19549
http://www.vupen.com/english/advisories/2006/3290
https://exchange.xforce.ibmcloud.com/vulnerabilities/28408

CVSS

Base:	1.2
Impact:	2.9
Exploitability:	1.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:L/AC:H/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:32

Objavljeno

18-08-2006 - 20:04