Executive Summary

Informations
Name CVE-2011-4925 First vendor Publication 2012-01-12
Vendor Cve Last vendor Modification 2012-02-02

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:S/C:P/I:P/A:N)
Cvss Base Score 4.9 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 6.8 Authentication Requires single instance
Calculate full CVSS 2.0 Vectors scores

Detail

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4925

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-264 Permissions, Privileges, and Access Controls

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 28
Application 50

Open Source Vulnerability Database (OSVDB)

Id Description
78095 TORQUE Munge Authentication Unspecified User Impersonation Weakness

TORQUE Resource Manager contains an error in its implementation of MUNGE authentication. The error allows for users to impersonate other users on the system. Since MUNGUE creates a level of trust among resources, impersonating users may grant access to many more resources and privileges on a TORQUE system than an attacker would normally gain with single user accounts.

Nessus® Vulnerability Scanner

Date Description
2014-12-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-47.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/51224
CONFIRM http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259
MLIST http://openwall.com/lists/oss-security/2012/01/05/1
http://openwall.com/lists/oss-security/2012/01/05/9
SECUNIA http://secunia.com/advisories/47381

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
Date Informations
2021-05-04 12:18:02
  • Multiple Updates
2021-04-22 01:21:20
  • Multiple Updates
2020-05-23 01:47:42
  • Multiple Updates
2020-05-23 00:32:23
  • Multiple Updates
2016-04-26 21:18:55
  • Multiple Updates
2014-12-30 13:24:59
  • Multiple Updates
2013-05-10 23:12:13
  • Multiple Updates