Bug 1199867 – VUL-0: CVE-2019-18823: htcondor: Incorrect access control in condor_startd

Bug 1199867 - (CVE-2019-18823) VUL-0: CVE-2019-18823: htcondor: Incorrect access control in condor_startd

(CVE-2019-18823)
Summary:	VUL-0: CVE-2019-18823: htcondor: Incorrect access control in condor_startd

Status:	RESOLVED FIXED

Classification:	openSUSE
Product:	openSUSE Distribution
Classification:	openSUSE
Component:	Security
Version:	Leap 15.4
Hardware:	Other Other

Priority:	P5 - None Severity: Major (vote)
Target Milestone:	---
Assigned To:	Christian Goll
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/258547/
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2022-05-24 08:44 UTC by Thomas Leroy
Modified:	2022-05-24 08:46 UTC (History)
CC List:	0 users

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Thomas Leroy 2022-05-24 08:44:21 UTC

rh#1828436

HTCondor up to and including stable series 8.8.6 and development series 8.9.4 has Incorrect Access Control. It is possible to use a different authentication method to submit a job than the administrator has specified. If the administrator has configured the READ or WRITE methods to include CLAIMTOBE, then it is possible to impersonate another user to the condor_schedd. (For example to submit or remove jobs)

https://research.cs.wisc.edu/htcondor/
https://research.cs.wisc.edu/htcondor/new.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0001.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0002.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0003.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1828436
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18823
https://www.debian.org/security/2022/dsa-5144
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-18823.html
http://www.debian.org/security/-1/dsa-5144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18823
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0002.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0003.html
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3EOTJJOSMYKXIYXWSG3H4KN332EDSEB6/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BL5YCZXYS67MLJSHR4OLSWVHBE6PZJSB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VMPZ7XPOPA4JGAQAUJ4K7JV653DSCIDK/
https://lists.debian.org/debian-lts-announce/2021/08/msg00000.html
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=963777
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1008634
https://research.cs.wisc.edu/htcondor/
https://research.cs.wisc.edu/htcondor/security/vulnerabilities/HTCONDOR-2020-0001.html
https://research.cs.wisc.edu/htcondor/new.html

Comment 1 Thomas Leroy 2022-05-24 08:46:36 UTC

Already fixed, closing