| ID |
CVE-2006-4232
|
| Summary |
Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:globus:globus_toolkit:3.2.0:*:*:*:*:*:*:*
cpe:2.3:a:globus:globus_toolkit:3.2.0:*:*:*:*:*:*:*
-
cpe:2.3:a:globus:globus_toolkit:4.0.0:*:*:*:*:*:*:*
cpe:2.3:a:globus:globus_toolkit:4.0.0:*:*:*:*:*:*:*
-
cpe:2.3:a:globus:globus_toolkit:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:globus:globus_toolkit:4.1.0:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 1.2 (as of 20-07-2017 - 01:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| LOCAL |
HIGH |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
NONE |
NONE |
|
| cvss-vector
via4
|
AV:L/AC:H/Au:N/C:P/I:N/A:N
|
| refmap
via4
|
| bid | 19549 | | mlist | [security-announce] 20060815 Proxy Generation Tool Vulnerability | | secunia | 21516 | | vupen | ADV-2006-3290 | | xf | globus-grid-proxy-race-condition(28408) |
|
| Last major update |
20-07-2017 - 01:32 |
| Published |
18-08-2006 - 20:04 |
| Last modified |
20-07-2017 - 01:32 |
