14 matches found
EUVD-2014-3630
Malware in sbrugna...
CVE-2014-3684
The tmadopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary...
CVE-2014-3684
CVE-2014-3684 affects the TORQUE Resource Manager (lib/Libifl/tm.c, tm_adopt) across 5.0.x, 4.5.x, 4.2.x and earlier. The root cause is that the owner of a process is not validated to also own the adopted session id, enabling remote authenticated users to kill arbitrary processes via a crafted ex...
Design/Logic Flaw
The sendthemail function in server/svrmail.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager before 4.2.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the email -M switch to qsub...
CVE-2013-4495
The vulnerability CVE-2013-4495 affects TORQUE Resource Manager before 4.2.6, where the send_the_mail function in server/svr_mail.c allows remote attackers to execute arbitrary commands via shell metacharacters in the email (-M) switch to qsub. This is a remote, unauthenticated vector with high i...
CVE-2013-4495
The sendthemail function in server/svrmail.c in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager before 4.2.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the email -M switch to qsub...
Command injection
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...
CVE-2013-4319
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...
UBUNTU-CVE-2013-4319
pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...
CVE-2011-4925
TORQUE Resource Manager (Terascale Open-Source Resource and Queue Manager) =sys-cluster/torque-2.5.13 or >=sys-cluster/torque-4.1.7). The connected documents do not provide exploit code or in-the-wild details. If pursuing mitigation, apply vendor/security advisory guidance to upgrade to the sp...
CVE-2011-2907
Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...
Design/Logic Flaw
Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...
CVE-2011-2907
Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...
CVE-2011-2193
Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow 1 remote authenticated users to gain privileges via a long JobName field in a qsub command to the server, and might allow 2...