Gentoo Local Security Checks : Gentoo Security Advisory GLSA 201412-47

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.121333

Categoría: Gentoo Local Security Checks

Título: Gentoo Security Advisory GLSA 201412-47

Resumen: Gentoo Linux Local Security Checks GLSA 201412-47

Descripción: Summary:
Gentoo Linux Local Security Checks GLSA 201412-47

Vulnerability Insight:
Multiple vulnerabilities have been discovered in TORQUE Resource Manager. Please review the CVE identifiers referenced below for details.

Solution:
Update the affected packages to the latest available version.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-2193
BugTraq ID: 48374
http://www.securityfocus.com/bid/48374
Bugtraq: 20110713 Torque Server Buffer Overflow Vulnerability (Google Search)
http://www.securityfocus.com/archive/1/518885/100/0/threaded
Debian Security Information: DSA-2329 (Google Search)
http://www.debian.org/security/2011/dsa-2329
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062638.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061645.html
http://secunia.com/advisories/45039
http://secunia.com/advisories/45040
http://securityreason.com/securityalert/8304
XForce ISS Database: torque-hostnames-bo(68152)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68152
XForce ISS Database: torque-jobnames-bo(68151)
https://exchange.xforce.ibmcloud.com/vulnerabilities/68151
Common Vulnerability Exposure (CVE) ID: CVE-2011-2907
45524
http://secunia.com/advisories/45524
49119
http://www.securityfocus.com/bid/49119
[oss-security] 20110810 CVE-2011-2907: authentication bypass in torque
http://www.openwall.com/lists/oss-security/2011/08/11/1
[torqueusers] 20110809 TORQUE authorization security vulnerability
http://www.clusterresources.com/pipermail/torqueusers/2011-August/013194.html
https://bugzilla.redhat.com/show_bug.cgi?id=713090
https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2011-2296
torque-resource-manager-pbsohost-sec-bypass(69138)
https://exchange.xforce.ibmcloud.com/vulnerabilities/69138
Common Vulnerability Exposure (CVE) ID: CVE-2011-4925
47381
http://secunia.com/advisories/47381
51224
http://www.securityfocus.com/bid/51224
[oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass
http://openwall.com/lists/oss-security/2012/01/05/1
[oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass
http://openwall.com/lists/oss-security/2012/01/05/9
http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259
Common Vulnerability Exposure (CVE) ID: CVE-2013-4319
DSA-2770
http://www.debian.org/security/2013/dsa-2770
[oss-security] 20130909 CVE request: Torque privilege escalation
http://www.openwall.com/lists/oss-security/2013/09/09/4
[oss-security] 20130909 Re: CVE request: Torque privilege escalation
http://www.openwall.com/lists/oss-security/2013/09/09/11
[torqueusers] 20130906 security advisory
http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4495
Debian Security Information: DSA-2796 (Google Search)
https://www.debian.org/security/2013/dsa-2796
http://secunia.com/advisories/55535
http://secunia.com/advisories/55622
Common Vulnerability Exposure (CVE) ID: CVE-2014-0749
BugTraq ID: 67420
http://www.securityfocus.com/bid/67420
Bugtraq: 20140515 [CVE-2014-0749] TORQUE Buffer Overflow (Google Search)
http://www.securityfocus.com/archive/1/532110/100/0/threaded
Debian Security Information: DSA-2936 (Google Search)
http://www.debian.org/security/2014/dsa-2936
http://www.exploit-db.com/exploits/33554
http://packetstormsecurity.com/files/126651/Torque-2.5.13-Buffer-Overflow.html
http://packetstormsecurity.com/files/126855/TORQUE-Resource-Manager-2.5.13-Buffer-Overflow.html
https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow
https://labs.mwrinfosecurity.com/system/assets/662/original/torque-buffer-overflow_2014-05-14.pdf
http://osvdb.org/show/osvdb/107024

Copyright Copyright (C) 2015 Eero Volotinen

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.121333
Categoría:	Gentoo Local Security Checks
Título:	Gentoo Security Advisory GLSA 201412-47
Resumen:	Gentoo Linux Local Security Checks GLSA 201412-47
Descripción:	Summary: Gentoo Linux Local Security Checks GLSA 201412-47 Vulnerability Insight: Multiple vulnerabilities have been discovered in TORQUE Resource Manager. Please review the CVE identifiers referenced below for details. Solution: Update the affected packages to the latest available version. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-2193 BugTraq ID: 48374 http://www.securityfocus.com/bid/48374 Bugtraq: 20110713 Torque Server Buffer Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/518885/100/0/threaded Debian Security Information: DSA-2329 (Google Search) http://www.debian.org/security/2011/dsa-2329 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062638.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061645.html http://secunia.com/advisories/45039 http://secunia.com/advisories/45040 http://securityreason.com/securityalert/8304 XForce ISS Database: torque-hostnames-bo(68152) https://exchange.xforce.ibmcloud.com/vulnerabilities/68152 XForce ISS Database: torque-jobnames-bo(68151) https://exchange.xforce.ibmcloud.com/vulnerabilities/68151 Common Vulnerability Exposure (CVE) ID: CVE-2011-2907 45524 http://secunia.com/advisories/45524 49119 http://www.securityfocus.com/bid/49119 [oss-security] 20110810 CVE-2011-2907: authentication bypass in torque http://www.openwall.com/lists/oss-security/2011/08/11/1 [torqueusers] 20110809 TORQUE authorization security vulnerability http://www.clusterresources.com/pipermail/torqueusers/2011-August/013194.html https://bugzilla.redhat.com/show_bug.cgi?id=713090 https://wiki.egi.eu/wiki/SVG:Advisory-SVG-2011-2296 torque-resource-manager-pbsohost-sec-bypass(69138) https://exchange.xforce.ibmcloud.com/vulnerabilities/69138 Common Vulnerability Exposure (CVE) ID: CVE-2011-4925 47381 http://secunia.com/advisories/47381 51224 http://www.securityfocus.com/bid/51224 [oss-security] 20120105 CVE request: TORQUE Munge Authentication Security Bypass http://openwall.com/lists/oss-security/2012/01/05/1 [oss-security] 20120105 Re: CVE request: TORQUE Munge Authentication Security Bypass http://openwall.com/lists/oss-security/2012/01/05/9 http://www.adaptivecomputing.com/resources/docs/torque/3-0-3/changelog.php#259 Common Vulnerability Exposure (CVE) ID: CVE-2013-4319 DSA-2770 http://www.debian.org/security/2013/dsa-2770 [oss-security] 20130909 CVE request: Torque privilege escalation http://www.openwall.com/lists/oss-security/2013/09/09/4 [oss-security] 20130909 Re: CVE request: Torque privilege escalation http://www.openwall.com/lists/oss-security/2013/09/09/11 [torqueusers] 20130906 security advisory http://www.supercluster.org/pipermail/torqueusers/2013-September/016098.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4495 Debian Security Information: DSA-2796 (Google Search) https://www.debian.org/security/2013/dsa-2796 http://secunia.com/advisories/55535 http://secunia.com/advisories/55622 Common Vulnerability Exposure (CVE) ID: CVE-2014-0749 BugTraq ID: 67420 http://www.securityfocus.com/bid/67420 Bugtraq: 20140515 [CVE-2014-0749] TORQUE Buffer Overflow (Google Search) http://www.securityfocus.com/archive/1/532110/100/0/threaded Debian Security Information: DSA-2936 (Google Search) http://www.debian.org/security/2014/dsa-2936 http://www.exploit-db.com/exploits/33554 http://packetstormsecurity.com/files/126651/Torque-2.5.13-Buffer-Overflow.html http://packetstormsecurity.com/files/126855/TORQUE-Resource-Manager-2.5.13-Buffer-Overflow.html https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow https://labs.mwrinfosecurity.com/system/assets/662/original/torque-buffer-overflow_2014-05-14.pdf http://osvdb.org/show/osvdb/107024
Copyright	Copyright (C) 2015 Eero Volotinen