CVE-2013-4319

critical

Description

pbs_mom in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 2.5.x, 4.x, and earlier does not properly restrict access by unprivileged ports, which allows remote authenticated users to execute arbitrary jobs by submitting a command.

References

http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html

http://www.openwall.com/lists/oss-security/2013/09/09/4

http://www.openwall.com/lists/oss-security/2013/09/09/11

http://www.debian.org/security/2013/dsa-2770

Details

Source: Mitre, NVD

Published: 2013-10-11

Updated: 2013-10-15

Risk Information

CVSS v2

Base Score: 9

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical