Unrated severityNVD Advisory· Published Aug 18, 2006· Updated Apr 16, 2026

CVE-2006-4232

Description

Race condition in the grid-proxy-init tool in Globus Toolkit 3.2.x, 4.0.x, and 4.1.0 before 20060815 allows local users to steal credential data by replacing the proxy credentials file in between file creation and the check for exclusive file access.

Affected products

Globus/Globus Toolkit3 versions
cpe:2.3:a:globus:globus_toolkit:3.2.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:globus:globus_toolkit:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:globus:globus_toolkit:4.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:globus:globus_toolkit:4.1.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/21516nvdPatchVendor Advisory
www.globus.org/mail_archive/security-announce/2006/08/msg00000.htmlnvdPatch
www.securityfocus.com/bid/19549nvdPatch
www.vupen.com/english/advisories/2006/3290nvd
exchange.xforce.ibmcloud.com/vulnerabilities/28408nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000