Enterprise Mrg CVE-2009-5136 Denial-Of-Service Vulnerability

Enterprise Mrg CVE-2009-5136 Denial-Of-Service Vulnerability

Enterprise Mrg is prone to a denial-of-service vulnerability. The policy definition evaluator in Condor before 7.4.2 does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state, which allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.