CVE-2006-4232 Information

Description

Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x 4.0.x and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.

Reference

http://secunia.com/advisories/21516 http://www.globus.org/mail_archive/security-announce/2006/08/msg00000.html http://www.securityfocus.com/bid/19549 http://www.vupen.com/english/advisories/2006/3290 https://exchange.xforce.ibmcloud.com/vulnerabilities/28408