CVE Vulnerabilities

CVE-2011-2907

Improper Authentication

Published: Aug 15, 2011 | Modified: Aug 29, 2017
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 3.0.1 and earlier allows remote attackers to bypass host-based authentication and submit arbitrary jobs via a modified PBS_O_HOST variable to the qsub program.

Weakness

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

Affected Software

Name Vendor Start Version End Version
Torque_resource_manager Clusterresources 3.0.0 3.0.0
Torque_resource_manager Clusterresources 2.1.2 2.1.2
Torque_resource_manager Clusterresources 2.1.9 2.1.9
Torque_resource_manager Clusterresources 2.1.8 2.1.8
Torque_resource_manager Clusterresources 2.3.7 2.3.7
Torque_resource_manager Clusterresources 2.3.5 2.3.5
Torque_resource_manager Clusterresources 2.1.3 2.1.3
Torque_resource_manager Clusterresources 2.4.4 2.4.4
Torque_resource_manager Clusterresources 2.4.9 2.4.9
Torque_resource_manager Clusterresources 2.1.10 2.1.10
Torque_resource_manager Clusterresources 2.1.11 2.1.11
Torque_resource_manager Clusterresources 2.1.0p11 2.1.0p11
Torque_resource_manager Clusterresources 2.5.3 2.5.3
Torque_resource_manager Clusterresources 2.3.3 2.3.3
Torque_resource_manager Clusterresources 2.3.4 2.3.4
Torque_resource_manager Clusterresources 2.4.2 2.4.2
Torque_resource_manager Clusterresources 2.3.1 2.3.1
Torque_resource_manager Clusterresources 2.5.1 2.5.1
Torque_resource_manager Clusterresources 2.5.0 2.5.0
Torque_resource_manager Clusterresources 2.1.0 2.1.0
Torque_resource_manager Clusterresources 2.3.8 2.3.8
Torque_resource_manager Clusterresources 2.4.12 2.4.12
Torque_resource_manager Clusterresources 2.3.13 2.3.13
Torque_resource_manager Clusterresources 2.1.6 2.1.6
Torque_resource_manager Clusterresources 2.4.3 2.4.3
Torque_resource_manager Clusterresources 2.4.11 2.4.11
Torque_resource_manager Clusterresources 2.4.13 2.4.13
Torque_resource_manager Clusterresources 2.3.10 2.3.10
Torque_resource_manager Clusterresources 2.5.5 2.5.5
Torque_resource_manager Clusterresources 2.2.1 2.2.1
Torque_resource_manager Clusterresources 2.3.9 2.3.9
Torque_resource_manager Clusterresources 2.5.2 2.5.2
Torque_resource_manager Clusterresources 2.3.2 2.3.2
Torque_resource_manager Clusterresources 2.4.6 2.4.6
Torque_resource_manager Clusterresources 2.1.7 2.1.7
Torque_resource_manager Clusterresources 2.4.7 2.4.7
Torque_resource_manager Clusterresources 2.5.4 2.5.4
Torque_resource_manager Clusterresources 2.4.5 2.4.5
Torque_resource_manager Clusterresources 2.3.12 2.3.12
Torque_resource_manager Clusterresources 2.3.6 2.3.6
Torque_resource_manager Clusterresources 2.4.10 2.4.10
Torque_resource_manager Clusterresources 2.3.11 2.3.11
Torque_resource_manager Clusterresources 2.4.8 2.4.8
Torque_resource_manager Clusterresources 2.1.1 2.1.1
Torque_resource_manager Clusterresources * 3.0.1
Torque_resource_manager Clusterresources 2.3.0 2.3.0

Potential Mitigations

References