Globus » Globus Toolkit : Security Vulnerabilities, CVEs, CVSS score >= 6
The GridFTP in Globus Toolkit (GT) before 5.2.2, when certain autoconf macros are defined, does not properly check the return value from the getpwnam_r function, which might allow remote attackers to gain privileges by logging in with a user that does not exist, which causes GridFTP to run as the last user in the password file.
Max CVSS
7.6
EPSS Score
0.77%
Published
2012-06-07
Updated
2012-09-07
Unspecified vulnerability in globus-job-manager in Globus Toolkit 4.1.1 and earlier (globus_nexus-6.6 and earlier) allows remote attackers to cause a denial of service (resource exhaustion and system crash) via certain requests to temporary TCP ports for a GRAM2 job or its MPICH-G2 applications.
Max CVSS
7.8
EPSS Score
4.59%
Published
2007-05-21
Updated
2017-07-29
2 vulnerabilities found