Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities found for torque_resource_manager by cluster_resources

    CVE-2011-4925 (GCVE-0-2011-4925)

    Vulnerability from nvd – Published: 2012-01-13 02:00 – Updated: 2024-08-07 00:23
    VLAI
    Summary
    Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://openwall.com/lists/oss-security/2012/01/05/1 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/47381 third-party-advisoryx_refsource_SECUNIA
    http://openwall.com/lists/oss-security/2012/01/05/9 mailing-listx_refsource_MLIST
    http://www.adaptivecomputing.com/resources/docs/t… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/51224 vdb-entryx_refsource_BID
    Date Public
    2011-11-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:23:38.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/01/05/1"
              },
              {
                "name": "47381",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/47381"
              },
              {
                "name": "[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/01/05/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259"
              },
              {
                "name": "51224",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/51224"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-11-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-02-02T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/01/05/1"
            },
            {
              "name": "47381",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/47381"
            },
            {
              "name": "[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/01/05/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259"
            },
            {
              "name": "51224",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/51224"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-4925",
        "datePublished": "2012-01-13T02:00:00.000Z",
        "dateReserved": "2011-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:23:38.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5677 (GCVE-0-2006-5677)

    Vulnerability from nvd – Published: 2006-11-03 11:00 – Updated: 2024-08-07 19:55
    VLAI
    Summary
    resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/449248/100… mailing-listx_refsource_BUGTRAQ
    http://security.gentoo.org/glsa/glsa-200611-14.xml vendor-advisoryx_refsource_GENTOO
    http://www.vupen.com/english/advisories/2006/4651 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/1820 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/20632 vdb-entryx_refsource_BID
    http://csirt.fe.up.pt/docs/TORQUE-audit.pdf x_refsource_MISC
    Date Public
    2006-10-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:55:53.904Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061018 TORQUE Spool Job Race condition (torque \u003c= 2.0.0p8)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449248/100/200/threaded"
              },
              {
                "name": "GLSA-200611-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200611-14.xml"
              },
              {
                "name": "ADV-2006-4651",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4651"
              },
              {
                "name": "1820",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1820"
              },
              {
                "name": "20632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20632"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061018 TORQUE Spool Job Race condition (torque \u003c= 2.0.0p8)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/449248/100/200/threaded"
            },
            {
              "name": "GLSA-200611-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200611-14.xml"
            },
            {
              "name": "ADV-2006-4651",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4651"
            },
            {
              "name": "1820",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1820"
            },
            {
              "name": "20632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20632"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5677",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061018 TORQUE Spool Job Race condition (torque \u003c= 2.0.0p8)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/449248/100/200/threaded"
                },
                {
                  "name": "GLSA-200611-14",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200611-14.xml"
                },
                {
                  "name": "ADV-2006-4651",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4651"
                },
                {
                  "name": "1820",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1820"
                },
                {
                  "name": "20632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20632"
                },
                {
                  "name": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf",
                  "refsource": "MISC",
                  "url": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5677",
        "datePublished": "2006-11-03T11:00:00.000Z",
        "dateReserved": "2006-11-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:55:53.904Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2011-4925 (GCVE-0-2011-4925)

    Vulnerability from cvelistv5 – Published: 2012-01-13 02:00 – Updated: 2024-08-07 00:23
    VLAI
    Summary
    Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://openwall.com/lists/oss-security/2012/01/05/1 mailing-listx_refsource_MLIST
    http://secunia.com/advisories/47381 third-party-advisoryx_refsource_SECUNIA
    http://openwall.com/lists/oss-security/2012/01/05/9 mailing-listx_refsource_MLIST
    http://www.adaptivecomputing.com/resources/docs/t… x_refsource_CONFIRM
    http://www.securityfocus.com/bid/51224 vdb-entryx_refsource_BID
    Date Public
    2011-11-05 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T00:23:38.635Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/01/05/1"
              },
              {
                "name": "47381",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/47381"
              },
              {
                "name": "[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://openwall.com/lists/oss-security/2012/01/05/9"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259"
              },
              {
                "name": "51224",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/51224"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2011-11-05T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 2.5.9, when munge authentication is used, allows remote authenticated users to impersonate arbitrary user accounts via unspecified vectors."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2012-02-02T10:00:00.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/01/05/1"
            },
            {
              "name": "47381",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/47381"
            },
            {
              "name": "[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://openwall.com/lists/oss-security/2012/01/05/9"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259"
            },
            {
              "name": "51224",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/51224"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2011-4925",
        "datePublished": "2012-01-13T02:00:00.000Z",
        "dateReserved": "2011-12-23T00:00:00.000Z",
        "dateUpdated": "2024-08-07T00:23:38.635Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-5677 (GCVE-0-2006-5677)

    Vulnerability from cvelistv5 – Published: 2006-11-03 11:00 – Updated: 2024-08-07 19:55
    VLAI
    Summary
    resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/449248/100… mailing-listx_refsource_BUGTRAQ
    http://security.gentoo.org/glsa/glsa-200611-14.xml vendor-advisoryx_refsource_GENTOO
    http://www.vupen.com/english/advisories/2006/4651 vdb-entryx_refsource_VUPEN
    http://securityreason.com/securityalert/1820 third-party-advisoryx_refsource_SREASON
    http://www.securityfocus.com/bid/20632 vdb-entryx_refsource_BID
    http://csirt.fe.up.pt/docs/TORQUE-audit.pdf x_refsource_MISC
    Date Public
    2006-10-18 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:55:53.904Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20061018 TORQUE Spool Job Race condition (torque \u003c= 2.0.0p8)",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449248/100/200/threaded"
              },
              {
                "name": "GLSA-200611-14",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-200611-14.xml"
              },
              {
                "name": "ADV-2006-4651",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/4651"
              },
              {
                "name": "1820",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1820"
              },
              {
                "name": "20632",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20632"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20061018 TORQUE Spool Job Race condition (torque \u003c= 2.0.0p8)",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/449248/100/200/threaded"
            },
            {
              "name": "GLSA-200611-14",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-200611-14.xml"
            },
            {
              "name": "ADV-2006-4651",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/4651"
            },
            {
              "name": "1820",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1820"
            },
            {
              "name": "20632",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20632"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-5677",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20061018 TORQUE Spool Job Race condition (torque \u003c= 2.0.0p8)",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/449248/100/200/threaded"
                },
                {
                  "name": "GLSA-200611-14",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-200611-14.xml"
                },
                {
                  "name": "ADV-2006-4651",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/4651"
                },
                {
                  "name": "1820",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1820"
                },
                {
                  "name": "20632",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20632"
                },
                {
                  "name": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf",
                  "refsource": "MISC",
                  "url": "http://csirt.fe.up.pt/docs/TORQUE-audit.pdf"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-5677",
        "datePublished": "2006-11-03T11:00:00.000Z",
        "dateReserved": "2006-11-02T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:55:53.904Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }