32 matches found
SUSE CVE-2014-2058
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
GHSA-7FPG-PP3M-H22F Jenkins allows attackers to execute arbitrary jobs
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
GHSA-25C5-58XW-HW5Q Jenkins allows Remote Users to Build Arbitrary Jobs
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors...
Jenkins allows Remote Users to Build Arbitrary Jobs
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors...
Authorization Bypass
jenkins is vulnerable to authorization bypass. The vulnerability exists as remotely authenticated users with Job/CONFIGURE permission can bypass intended restrictions to create or destroy arbitrary jobs...
Information Disclosure
Condor is vulnerable to information disclosure. Remote attackers are able to obtain sensitive information, and possibly control or start arbitrary jobs, via a ClassAd request to the condorstartd port, which leaks the ClaimId...
CVE-2014-2058
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
CVE-2014-2058
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
CVE-2014-2058
CVE-2014-2058 affects Jenkins (BuildTrigger) where authenticated remote users could bypass access restrictions and trigger arbitrary jobs by configuring a job to trigger another. Affected versions are Jenkins before 1.551 and LTS before 1.532.2. The issue is described as a result of an incomplete...
CVE-2014-2058
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330...
Design/Logic Flaw
Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors...
CVE-2014-3663
Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors...
PT-2014-5441 · Cloudbees +1 · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 1.583 Jenkins LTS versions prior to 1.565.3 Description: The issue allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions. This can lead to the creation or destruction of...
Mandriva Linux Security Advisory : torque (MDVSA-2013:252)
Updated torque package fixes security vulnerability : A non-priviledged user who was able to run jobs or login to a node which ran pbsserver or pbsmom, could submit arbitrary jobs to a pbsmom daemon to queue and run the job, which would run as root CVE-2013-4319. %NASLMINLEVEL 70300 C Tenable...
Updated torque packages fix CVE-2013-4319
Updated torque package fixes security vulnerability: A non-priviledged user who was able to run jobs or login to a node which ran pbsserver or pbsmom, could submit arbitrary jobs to a pbsmom daemon to queue and run the job, which would run as root CVE-2013-4319...
CVE-2013-4319
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...
UBUNTU-CVE-2013-4319
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...
CVE-2013-4319
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...
CVE-2013-4319
CVE-2013-4319 affects TORQUE Resource Manager’s pbs_mom, where improper access control on unprivileged ports allows remote authenticated users to submit commands and execute arbitrary jobs. Affected versions include TORQUE 2.5.x, 4.x, and earlier. Root cause: failure to properly restrict access b...
CVE-2013-4319
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...