Lucene search

K

RedhatCVELIST:CVE-2014-3684

HistoryOct 30, 2014 - 2:00 p.m.

CVE-2014-3684

2014-10-3014:00:00

redhat

www.cve.org

4

AI Score

6

Confidence

Low

EPSS

0.004

Percentile

74.9%

The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary processes via a crafted executable.

References

advisories.mageia.org/MGASA-2014-0408.html

lists.fedoraproject.org/pipermail/package-announce/2015-May/159183.html

lists.fedoraproject.org/pipermail/package-announce/2015-May/159201.html

lists.fedoraproject.org/pipermail/package-announce/2015-May/159259.html

openwall.com/lists/oss-security/2014/10/02/44

openwall.com/lists/oss-security/2014/10/02/45

secunia.com/advisories/61350

secunia.com/advisories/61960

www.debian.org/security/2014/dsa-3058

www.mandriva.com/security/advisories?name=MDVSA-2015:124

AI Score

6

Confidence

Low

EPSS

0.004

Percentile

74.9%

Related for CVELIST:CVE-2014-3684

ubuntucve1 osv2 openvas7 debian3 nessus6 mageia1 cve1 prion1 nvd1 securityvulns2 fedora3