Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2014-3684

Опубликовано: 30 окт. 2014
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary processes via a crafted executable.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.3:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.3.1:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.4:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.4.1:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.5:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.6:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.7:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.8:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:4.2.9:*:*:*:*:*:*:*
cpe:2.3:a:adaptivecomputing:torque_resource_manager:5.0.0-1_43d8f09a:*:*:*:*:*:*:*

EPSS

Процентиль: 85%
0.02532
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

ubuntu логотип

CVE-2014-3684

ubuntu
больше 11 лет назад

The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary processes via a crafted executable.

debian логотип

CVE-2014-3684

debian
больше 11 лет назад

The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Reso ...

github логотип

GHSA-8xjh-f37p-57cj

github
больше 3 лет назад

The tm_adopt function in lib/Libifl/tm.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) 5.0.x, 4.5.x, 4.2.x, and earlier does not validate that the owner of the process also owns the adopted session id, which allows remote authenticated users to kill arbitrary processes via a crafted executable.

EPSS

Процентиль: 85%
0.02532
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-264