CVE-2013-4495
Published: 20 November 2013
The send_the_mail function in server/svr_mail.c in Terascale Open-Source Resource and Queue Manager (aka TORQUE Resource Manager) before 4.2.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub.
Priority
Status
Package | Release | Status |
---|---|---|
torque Launchpad, Ubuntu, Debian |
lucid |
Ignored
(end of life)
|
precise |
Released
(2.4.16+dfsg-1+deb7u4build0.12.04.1)
|
|
quantal |
Ignored
(end of life)
|
|
raring |
Ignored
(end of life)
|
|
saucy |
Ignored
(end of life)
|
|
trusty |
Not vulnerable
(2.4.16+dfsg-1.3ubuntu1)
|
|
upstream |
Released
(2.4.8+dfsg-9squeeze3, 2.4.16+dfsg-1+deb7u2, 2.4.16+dfsg-1.3)
|
|
utopic |
Not vulnerable
(2.4.16+dfsg-1.3ubuntu1)
|
|
vivid |
Not vulnerable
(2.4.16+dfsg-1.3ubuntu1)
|