PT-2013-1376 · Htcondor · Condor

Martin Kudlej · Published 2013-10-11 · Updated 2021-07-15 · CVE-2009-5136

CVSS v2.0: 4.0 (Medium)

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions

Condor versions prior to 7.4.2

Description

The policy definition evaluator does not properly handle attributes in a WANT_SUSPEND policy that evaluate to an UNDEFINED state. This allows remote authenticated users to cause a denial of service (condor_startd exit) via a crafted job.

Recommendations

Update to version 7.4.2 or later to resolve the issue. As a temporary workaround, consider restricting access to the WANT_SUSPEND policy to minimize the risk of exploitation.

Fix

RCE

Weakness Enumeration

Related Identifiers

CVE-2009-5136

Affected Products

Condor