Basic search

K
mageiaGentoo FoundationMGASA-2013-0308
HistoryOct 17, 2013 - 11:03 p.m.

Updated torque packages fix CVE-2013-4319

2013-10-1723:03:34
Gentoo Foundation
advisories.mageia.org
5

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.1%

Updated torque package fixes security vulnerability: A non-priviledged user who was able to run jobs or login to a node which ran pbs_server or pbs_mom, could submit arbitrary jobs to a pbs_mom daemon to queue and run the job, which would run as root (CVE-2013-4319).

OSVersionArchitecturePackageVersionFilename
Mageia2noarchtorque< 2.5.12-1.1torque-2.5.12-1.1.mga2
Mageia3noarchtorque< 4.1.5.1-1.1torque-4.1.5.1-1.1.mga3

9 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

0.003 Low

EPSS

Percentile

65.1%

Related for MGASA-2013-0308