Clusterresources Torque Resource Manager : Security vulnerabilities, CVEs

CVE-2011-4925

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors.

Max CVSS

4.9

EPSS Score

0.18%

Published

2012-01-13

Updated

2012-02-02

CVE-2011-2907

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program.

Max CVSS

7.5

EPSS Score

1.71%

Published

2011-08-15

Updated

2017-08-29

CVE-2011-2193

Multiple buffer overflows in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.x before 2.4.14, 2.5.x before 2.5.6, and 3.x before 3.0.2 allow (1) remote authenticated users to gain privileges via a long Job_Name field in a qsub command to the server, and might allow (2) local users to gain privileges via vectors involving a long host variable in pbs_iff.

Max CVSS

8.5

EPSS Score

0.35%

Published

2011-06-24

Updated

2018-10-09

Clusterresources » Torque Resource Manager : Security Vulnerabilities, CVEs,

CVE-2011-4925

CVE-2011-2907

CVE-2011-2193