CVE-2012-3492

The filesystem authentication (condor_io/condor_auth_fs.cpp) in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user’s authentication directory.

Date published : 2012-09-28

http://www.securityfocus.com/bid/55632

http://condor-git.cs.wisc.edu/?p=condor.git;a=commitdiff;h=1db67805