Debian Security Advisory DSA 2329-1 (torque) Network Vulnerability

Summary

The remote host is missing an update to torque announced via advisory DSA 2329-1.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202329-1

Insight

Bartlomiej Balcerek discovered several buffer overflows in torque server, a PBS-derived batch processing server. This allows an attacker to crash the service or execute arbitrary code with privileges of the server via crafted job or host names. The oldstable distribution (lenny) does not contain torque. For the stable distribution (squeeze), this problem has been fixed in version 2.4.8+dfsg-9squeeze1. For the testing distribution (wheezy), this problem has been fixed in version 2.4.15+dfsg-1. For the unstable distribution (sid), this problem has been fixed in version 2.4.15+dfsg-1. We recommend that you upgrade your torque packages.

Severity

Classification

CVE CVE-2011-2193

CVSS	Base Score: 8.5 AV:N/AC:M/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Debian Security Advisory DSA 014-1 (splitvt)
Debian Security Advisory DSA 1026-1 (sash)
Debian Security Advisory DSA 063-1 (xinetd)
Debian Security Advisory DSA 044-1 (mailx)
Debian Security Advisory DSA 1070-1 (kernel-source-2.4.19,kernel-image-sparc-2.4,kernel-patch-2.4.19-mips)

Take action and discover your vulnerabilities