Executive Summary

Summary
Title : TORQUE Resource Manager: Multiple vulnerabilities
Information
Name : GLSA-201412-47
First vendor Publication : 2014-12-26
Vendor : Gentoo
Last vendor Modification : 2014-12-26
Severity (Vendor) : High
Revision : N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score : NA
Base Score : NA
Environmental Score : NA
Impact Sub Score : NA
Temporal Score : NA
Exploitability Sub Score : NA

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score : 10
Attack Range : Network
Cvss Impact Score : 10
Attack Complexity : Low
Cvss Exploit Score : 10
Authentication : None Required

Detail

Synopsis

Multiple vulnerabilities have been found in TORQUE Resource Manager, possibly resulting in escalation of privileges or remote code execution.

Background

TORQUE is a resource manager and queuing system based on OpenPBS.

Description

Multiple vulnerabilities have been discovered in TORQUE Resource Manager. Please review the CVE identifiers referenced below for details.

Impact

A context-dependent attacker may be able to gain escalated privileges, execute arbitrary code, or bypass security restrictions.

Workaround

There is no known workaround at this time.

Resolution

All TORQUE Resource Manager 4.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-cluster/torque-4.1.7"

All TORQUE Resource Manager 2.x users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=sys-cluster/torque-2.5.13"

NOTE: One or more of the issues described in this advisory have been fixed in previous updates. They are included in this advisory for the sake of completeness. It is likely that your system is already no longer affected by them.

References

[ 1 ] CVE-2011-2193 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2193
[ 2 ] CVE-2011-2907 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2907
[ 3 ] CVE-2011-4925 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4925
[ 4 ] CVE-2013-4319 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4319
[ 5 ] CVE-2013-4495 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4495
[ 6 ] CVE-2014-0749 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-0749

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201412-47.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201412-47.xml

CWE : Common Weakness Enumeration

% Id Name
33 % CWE-264 Permissions, Privileges, and Access Controls
33 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
17 % CWE-287 Improper Authentication
17 % CWE-94 Failure to Control Generation of Code ('Code Injection')

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15296
 
Oval ID: oval:org.mitre.oval:def:15296
Title: DSA-2329-1 torque -- buffer overflow
Description: Bartlomiej Balcerek discovered several buffer overflows in torque server, a PBS-derived batch processing server. This allows an attacker to crash the service or execute arbitrary code with privileges of the server via crafted job or host names. The oldstable distribution does not contain torque.
Family: unix Class: patch
Reference(s): DSA-2329-1
CVE-2011-2193
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): torque

Definition Id: oval:org.mitre.oval:def:19859
 
Oval ID: oval:org.mitre.oval:def:19859
Title: DSA-2796-1 torque - arbitrary code execution
Description: Matt Ezell from Oak Ridge National Labs reported a vulnerability in torque, a PBS-derived batch processing queueing system.
Family: unix Class: patch
Reference(s): DSA-2796-1
CVE-2013-4495
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): torque

Definition Id: oval:org.mitre.oval:def:20050
 
Oval ID: oval:org.mitre.oval:def:20050
Title: DSA-2770-1 torque - authentication bypass
Description: John Fitzpatrick of MWR InfoSecurity discovered an authentication bypass vulnerability in torque, a PBS-derived batch processing queueing system.
Family: unix Class: patch
Reference(s): DSA-2770-1
CVE-2013-4319
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): torque

Definition Id: oval:org.mitre.oval:def:24745
 
Oval ID: oval:org.mitre.oval:def:24745
Title: DSA-2936-1 torque - security update
Description: John Fitzpatrick from MWR Labs reported a stack-based buffer overflow vulnerability in torque, a PBS-derived batch processing queueing system. An unauthenticated remote attacker could exploit this flaw to execute arbitrary code with root privileges.
Family: unix Class: patch
Reference(s): DSA-2936-1
CVE-2014-0749
Version: 3
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): torque

CPE : Common Platform Enumeration

Type Description Count
Application 77
Application 28
Application 52

ExploitDB Exploits

id Description
2014-05-28 TORQUE Resource Manager 2.5.x-2.5.13 - Stack Based Buffer Overflow Stub

OpenVAS Exploits

Date Description
2012-02-11 Name : Debian Security Advisory DSA 2329-1 (torque)
File : nvt/deb_2329_1.nasl
2011-07-18 Name : Fedora Update for torque FEDORA-2011-8072
File : nvt/gb_fedora_2011_8072_torque_fc15.nasl
2011-06-24 Name : Fedora Update for torque FEDORA-2011-8117
File : nvt/gb_fedora_2011_8117_torque_fc14.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
78095 TORQUE Munge Authentication Unspecified User Impersonation Weakness

TORQUE Resource Manager contains an error in its implementation of MUNGE authentication. The error allows for users to impersonate other users on the system. Since MUNGE creates a level of trust among resources, impersonating users may grant access to many more resources and privileges on a TORQUE system than an attacker would normally gain with single user accounts.
74540 TORQUE Resource Manager Job Creation PBS_O_HOST Variable Authentication Bypass

73235 TORQUE Resource Manager src/lib/Libnet/get_hostaddr.c Host Name Handling Over...

73234 TORQUE Resource Manager src/server/req_quejob.c Job Name Handling Overflow

Nessus® Vulnerability Scanner

Date Description
2014-12-29 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201412-47.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-11989.nasl - Type : ACT_GATHER_INFO
2014-10-20 Name : The remote Fedora host is missing a security update.
File : fedora_2014-12059.nasl - Type : ACT_GATHER_INFO
2014-09-23 Name : The remote Fedora host is missing a security update.
File : fedora_2014-10153.nasl - Type : ACT_GATHER_INFO
2014-05-25 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2936.nasl - Type : ACT_GATHER_INFO
2013-11-21 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2796.nasl - Type : ACT_GATHER_INFO
2013-11-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-268.nasl - Type : ACT_GATHER_INFO
2013-10-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-252.nasl - Type : ACT_GATHER_INFO
2013-10-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2770.nasl - Type : ACT_GATHER_INFO
2011-10-28 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2329.nasl - Type : ACT_GATHER_INFO
2011-07-13 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8072.nasl - Type : ACT_GATHER_INFO
2011-06-22 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8117.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-12-30 13:25:13
  • Multiple Updates
2014-12-26 21:22:45
  • First insertion