Bug 841175 (CVE-2012-3416)

Summary: CVE-2012-3416 condor: host based authentication does not implement forward-confirmed reverse dns
Product: [Other] Security Response Reporter: Matthew Farrellee <matt>
Component: vulnerabilityAssignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: unspecifiedCC: iboverma, jneedle, ltoscano, mcressma, mkudlej, mrg-program-list, rcvalle, security-response-team, tstclair
Target Milestone: ---Keywords: Security
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: impact=important,public=20120814,reported=20120718,source=redhat,cvss2=7.5/AV:N/AC:L/Au:N/C:P/I:P/A:P,mrg-1/condor=wontfix,mrg-2/condor=affected,fedora-all/condor=affected,cwe=CWE-284
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 841177 (view as bug list) Environment:
Last Closed: 2012-08-14 14:27:05 EDT Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On: 841177, 848145    
Bug Blocks: 841432    

Comment 6 Vincent Danen 2012-08-08 16:26:04 EDT
Condor installations that rely solely upon host-based authentication are vulnerable to an attacker who controls an IP, its reverse-DNS entry and has knowledge of a target site's security configuration. With this control and knowledge, the attacker can bypass the target site's host-based authentication and be authorized to perform privileged actions (i.e. actions requiring ALLOW_ADMINISTRATOR or ALLOW_WRITE). Condor deployments using host-based authentication that contain no hostnames (IPs or IP globs only) or use authentication stronger than host-based are not vulnerable.
Comment 10 Vincent Danen 2012-08-10 15:09:07 EDT
Acknowledgements:

Red Hat would like to thank Ken Hahn and Dan Bradley for reporting this issue.
Comment 14 errata-xmlrpc 2012-08-14 13:58:18 EDT
This issue has been addressed in following products:

  MRG for RHEL-6 v.2

Via RHSA-2012:1169 https://rhn.redhat.com/errata/RHSA-2012-1169.html
Comment 15 errata-xmlrpc 2012-08-14 13:58:51 EDT
This issue has been addressed in following products:

  MRG for RHEL-5 v. 2

Via RHSA-2012:1168 https://rhn.redhat.com/errata/RHSA-2012-1168.html
Comment 16 Vincent Danen 2012-08-14 14:26:26 EDT
Created condor tracking bugs for this issue

Affects: fedora-all [bug 848145]