pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command.
| Version | Base score | Base severity | Vector |
|---|
| Hyperlink | Resource Type |
|---|
pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command.
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | n/a |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.openwall.com/lists/oss-security/2013/09/09/11 | mailing-list x_refsource_MLIST |
| http://www.debian.org/security/2013/dsa-2770 | vendor-advisory x_refsource_DEBIAN |
| http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html | mailing-list x_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2013/09/09/4 | mailing-list x_refsource_MLIST |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.openwall.com/lists/oss-security/2013/09/09/11 | mailing-list x_refsource_MLIST x_transferred |
| http://www.debian.org/security/2013/dsa-2770 | vendor-advisory x_refsource_DEBIAN x_transferred |
| http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html | mailing-list x_refsource_MLIST x_transferred |
| http://www.openwall.com/lists/oss-security/2013/09/09/4 | mailing-list x_refsource_MLIST x_transferred |
pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command.
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 2.0 | 9.0 | HIGH | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| Hyperlink | Source | Resource |
|---|---|---|
| http://www.debian.org/security/2013/dsa-2770 | secalert@redhat.com | N/A |
| http://www.openwall.com/lists/oss-security/2013/09/09/11 | secalert@redhat.com | N/A |
| http://www.openwall.com/lists/oss-security/2013/09/09/4 | secalert@redhat.com | N/A |
| http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html | secalert@redhat.com | Patch Vendor Advisory |
| http://www.debian.org/security/2013/dsa-2770 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.openwall.com/lists/oss-security/2013/09/09/11 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.openwall.com/lists/oss-security/2013/09/09/4 | af854a3a-2127-422b-91ae-364da2661108 | N/A |
| http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html | af854a3a-2127-422b-91ae-364da2661108 | Patch Vendor Advisory |