Vulnerability Description
Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cluster Resources | Torque Resource Manager | 1.0.1p0 |
| Clusterresources | Torque Resource Manager | <= 2.5.8 |
Related Weaknesses (CWE)
References
- http://openwall.com/lists/oss-security/2012/01/05/1
- http://openwall.com/lists/oss-security/2012/01/05/9Patch
- http://secunia.com/advisories/47381Vendor Advisory
- http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259
- http://www.securityfocus.com/bid/51224
- http://openwall.com/lists/oss-security/2012/01/05/1
- http://openwall.com/lists/oss-security/2012/01/05/9Patch
- http://secunia.com/advisories/47381Vendor Advisory
- http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259
- http://www.securityfocus.com/bid/51224
FAQ
What is CVE-2011-4925?
CVE-2011-4925 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts...
How severe is CVE-2011-4925?
CVE-2011-4925 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-4925?
Check the references section above for vendor advisories and patch information. Affected products include: Cluster Resources Torque Resource Manager, Clusterresources Torque Resource Manager.