CVE-2014-3684

CVE-2014-3684 affects the TORQUE Resource Manager (lib/Libifl/tm.c, tm_adopt) across 5.0.x, 4.5.x, 4.2.x and earlier. The root cause is that the owner of a process is not validated to also own the adopted session id, enabling remote authenticated users to kill arbitrary processes via a crafted ex...

Command injection

pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...

CVE-2013-4319

pbsmom in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command...

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...

Design/Logic Flaw

Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBSOHOST variable to the qsub program...

CVE-2011-2193

Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager aka TORQUE Resource Manager 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow 1 remote authenticated users to gain privileges via a long JobName field in a qsub command to the server, and might allow 2...