Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:29
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/45524 - Vendor Advisory | |
References | () http://www.clusterresources.com/pipermail/torqueusers/2011-August/013194.html - | |
References | () http://www.openwall.com/lists/oss-security/2011/08/11/1 - | |
References | () http://www.securityfocus.com/bid/49119 - | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=713090 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/69138 - | |
References | () https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2011-2296 - |
Information
Published : 2011-08-15 19:55
Updated : 2024-11-21 01:29
NVD link : CVE-2011-2907
Mitre link : CVE-2011-2907
CVE.ORG link : CVE-2011-2907
JSON object : View
Products Affected
clusterresources
- torque_resource_manager
CWE
CWE-287
Improper Authentication