Lucene search

K
ubuntucveUbuntu.comUB:CVE-2013-4495
HistoryNov 20, 2013 - 12:00 a.m.

CVE-2013-4495

2013-11-2000:00:00
ubuntu.com
ubuntu.com
5

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.016

Percentile

87.4%

The send_the_mail function in server/svr_mail.c in Terascale Open-Source
Resource and Queue Manager (aka TORQUE Resource Manager) before 4.2.6
allows remote attackers to execute arbitrary commands via shell
metacharacters in the email (-M switch) to qsub.

OSVersionArchitecturePackageVersionFilename
ubuntu12.04noarchtorque< 2.4.16+dfsg-1+deb7u4build0.12.04.1UNKNOWN

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.016

Percentile

87.4%