ID CVE-2006-5677
Summary resmom/start_exec.c in pbs_mom in TORQUE Resource Manager 2.0.0p8 and earlier allows local users to create arbitrary files via a symlink attack on (1) a job output file in /usr/spool/PBS/spool and possibly (2) a job file in /usr/spool/PBS/mom_priv/jobs.
References
Vulnerable Configurations
  • cpe:2.3:a:cluster_resources:torque_resource_manager:*:*:*:*:*:*:*:*
    cpe:2.3:a:cluster_resources:torque_resource_manager:*:*:*:*:*:*:*:*
CVSS
Base: 7.2 (as of 17-10-2018 - 21:44)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:L/AC:L/Au:N/C:C/I:C/A:C
refmap via4
bid 20632
bugtraq 20061018 TORQUE Spool Job Race condition (torque <= 2.0.0p8)
gentoo GLSA-200611-14
misc http://csirt.fe.up.pt/docs/TORQUE-audit.pdf
sreason 1820
vupen ADV-2006-4651
Last major update 17-10-2018 - 21:44
Published 03-11-2006 - 11:07
Last modified 17-10-2018 - 21:44
Back to Top