CVE-2012-3491 | Vulnerability Database | Aqua Security

src/condor_schedd.V6/schedd.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the permissions of jobs, which allows remote authenticated users to remove arbitrary idle jobs via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Condor	Condor_project	7.6.1	7.6.1
Condor	Condor_project	7.6.3	7.6.3
Condor	Condor_project	7.6.9	7.6.9
Condor	Condor_project	7.6.0	7.6.0
Condor	Condor_project	7.6.5	7.6.5
Condor	Condor_project	7.6.6	7.6.6
Condor	Condor_project	7.8.3	7.8.3
Condor	Condor_project	7.8.1	7.8.1
Condor	Condor_project	7.6.4	7.6.4
Condor	Condor_project	7.8.0	7.8.0
Condor	Condor_project	7.6.7	7.6.7
Condor	Condor_project	7.6.2	7.6.2
Condor	Condor_project	7.6.8	7.6.8
Condor	Condor_project	7.8.2	7.8.2

References

http://rhn.redhat.com/errata/RHSA-2012-1281.html
https://bugzilla.redhat.com/show_bug.cgi?id=848214
http://www.securityfocus.com/bid/55632
http://secunia.com/advisories/50666
http://research.cs.wisc.edu/condor/manual/v7.6/8_3Stable_Release.html
http://rhn.redhat.com/errata/RHSA-2012-1278.html
http://www.openwall.com/lists/oss-security/2012/09/20/9
http://research.cs.wisc.edu/condor/manual/v7.8/9_3Stable_Release.html
http://condor-git.cs.wisc.edu/?p=condor.git%3Ba=commitdiff%3Bh=1fff5d40

NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-3491
CWE	https://cwe.mitre.org/data/definitions/264.html