Vulnerability Description
pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Adaptivecomputing | Torque Resource Manager | <= 4.0.2 |
Related Weaknesses (CWE)
References
- http://www.debian.org/security/2013/dsa-2770
- http://www.openwall.com/lists/oss-security/2013/09/09/11
- http://www.openwall.com/lists/oss-security/2013/09/09/4
- http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.htmlPatchVendor Advisory
- http://www.debian.org/security/2013/dsa-2770
- http://www.openwall.com/lists/oss-security/2013/09/09/11
- http://www.openwall.com/lists/oss-security/2013/09/09/4
- http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.htmlPatchVendor Advisory
FAQ
What is CVE-2013-4319?
CVE-2013-4319 is a vulnerability with a CVSS score of 9.0 (HIGH). pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authentic...
How severe is CVE-2013-4319?
CVE-2013-4319 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-4319?
Check the references section above for vendor advisories and patch information. Affected products include: Adaptivecomputing Torque Resource Manager.