TORQUE Resource Manager Stack Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running TORQUE Resource Manager and is prone to stack buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attacker to execute arbitrary code and cause a denial of service. Impact Level: Application

Solution

Upgrade to TORQUE 4.2 or later, http://www.adaptivecomputing.com/support/download-center/torque-download

Insight

The flaw is due to a boundary error within the 'disrsi_()' function (src/lib/Libdis/disrsi_.c), which can be exploited to cause a stack-based buffer overflow.

Affected

TORQUE versions 2.5 through 2.5.13

Detection

Send crafted request and check is it vulnerable to DoS or not.

References

http://packetstormsecurity.com/files/126651
http://seclists.org/bugtraq/2014/May/75
http://www.osvdb.org/107024
https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0749

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader 'Plug-in' Buffer Overflow Vulnerability (Mac OS X)
ALLMediaServer Request Handling Buffer Overflow Vulnerability
Adobe Air Buffer Overflow Vulnerability (Mac OS X)
Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability
Amarok Player Multiple Vulnerabilities

Take action and discover your vulnerabilities