Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29996
HistoryNov 18, 2013 - 12:00 a.m.

[SECURITY] [DSA 2796-1] torque security update

2013-11-1800:00:00
vulners.com
21
JSON

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Debian Security Advisory DSA-2796-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
November 13, 2013 http://www.debian.org/security/faq

Package : torque
Vulnerability : arbitrary code execution
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-4495
Debian Bug : 729333

Matt Ezell from Oak Ridge National Labs reported a vulnerability in
torque, a PBS-derived batch processing queueing system.

A user could submit executable shell commands on the tail of what is
passed with the -M switch for qsub. This was later passed to a pipe,
making it possible for these commands to be executed as root on the
pbs_server.

For the oldstable distribution (squeeze), this problem has been fixed in
version 2.4.8+dfsg-9squeeze3.

For the stable distribution (wheezy), this problem has been fixed in
version 2.4.16+dfsg-1+deb7u2.

For the unstable distribution (sid), this problem has been fixed in
version 2.4.16+dfsg-1.3.

We recommend that you upgrade your torque packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBCgAGBQJSg9JgAAoJEAVMuPMTQ89EqOIP/Au7xN2tw30qBBOtnlyDxonv
Dqn5FxfAyxvsrBuD4uB4wOELNR8UiqHn1xWcRBLHTP5DJonhAHMH3VeCFJIjfj0a
vUcnzu0SnChvrT1OaZEF7M7RzOzT03ylSKwA5ED6U7ZuXOPqWPSXI+hzDhjLuThf
S6hrw4yAc9RI6uoMQIK5HHbPf8EwjhO+ep/cXPH7KizCw64xdpqBrkEqNvPS851C
m7CjfiGp2nOMLcdr0MUA62P/tRn9PYcCrNLcVge+2TXAtZ4gWctCxd3iud4R8Abt
EYnzv8uckW1/yhTyd4l2wc5U34Xbf6O6ZbuQwt9ZzF/s4XNCaX26BLcwTNWYYOmy
+YnRW+QqBsiTXIS3W2uTW9w93iwgkP7t087tZx6enllxplqkkI8GNX7bWNXA2lcY
iQuCLfxzsNYkhNiGkuf4NgglUbcMEw4D8V4vuHoTAVSwemLLY2ghkwSCLW1ZUHTb
wI0gDJPSFp10Z3CORSHJghFX5LH25HgrKDJ4S0Waz5WjBRT21r4Li/bsYHGOMht2
jAyQ3H1Ahfk4KK/IKu5V/q6UoYMtX5On2ozCfTdUa/fLvvQHzDj6zHLmWa+ob3Xg
yH+T0Fsj+laxky1N+QeYnN2uMPiAsxKsR1RLvoZk2dniStdldkwR37Pmv9jlFjnf
RFqk8VMbBlX9kb5qxPdq
=z3T1
-----END PGP SIGNATURE-----

Related

nessus 6
openvas 8
debian 2
fedora 6
cve 1
mageia 1
prion 1
ubuntucve 1
securityvulns 1
gentoo 1
nessus
nessus
Debian DSA-2796-1 : torque - arbitrary code execution
2013-11-21 00:00:00
Fedora 21 : torque-4.2.8-1.fc21 (2014-10153)
2014-09-23 00:00:00
Mandriva Linux Security Advisory : torque (MDVSA-2013:268)
2013-11-20 00:00:00
openvas
openvas
Debian Security Advisory DSA 2796-1 (torque - arbitrary code execution)
2013-11-13 00:00:00
Debian Security Advisory DSA 2796-1 (torque - arbitrary code execution)
2013-11-13 00:00:00
Fedora Update for torque FEDORA-2014-12059
2014-10-19 00:00:00
debian
debian
[SECURITY] [DSA 2796-1] torque security update
2013-11-13 19:31:34
[SECURITY] [DSA 2796-1] torque security update
2013-11-13 19:31:34
fedora
fedora
[SECURITY] Fedora 21 Update: torque-4.2.8-1.fc21
2014-09-23 04:46:33
[SECURITY] Fedora 20 Update: torque-3.0.4-6.fc20
2014-10-18 16:59:37
[SECURITY] Fedora 19 Update: torque-3.0.4-5.fc19
2014-10-18 17:00:05
cve
cve
CVE-2013-4495
2013-11-20 14:12:00
mageia
mageia
Updated torque packages fix CVE-2013-4495
2013-11-18 18:41:45
prion
prion
Design/Logic Flaw
2013-11-20 14:12:00
ubuntucve
ubuntucve
CVE-2013-4495
2013-11-20 00:00:00
securityvulns
securityvulns
torque authentication bypass
2013-11-18 00:00:00
gentoo
gentoo
TORQUE Resource Manager: Multiple vulnerabilities
2014-12-26 00:00:00
JSON
Related for SECURITYVULNS:DOC:29996
nessus6openvas8debian2fedora6cve1mageia1prion1ubuntucve1securityvulns1gentoo1