Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE-2011-2907: authentication bypass in torque
From: Vincent Danen <vdanen () redhat com>
Date: Wed, 10 Aug 2011 19:52:32 -0600

Just a heads up on a security flaw in torque that can makes it
vulnerable to an authorization bypass.

The gory details are available here:

http://www.clusterresources.com/pipermail/torqueusers/2011-August/013194.html
https://bugzilla.redhat.com/show_bug.cgi?id=713090

The long and short of it is that if you ship torque compiled with munge
support, you are not vulnerable.

This issue was assigned the name CVE-2011-2907.

--
Vincent Danen / Red Hat Security Response Team

  By Date           By Thread  

Current thread:
  • CVE-2011-2907: authentication bypass in torque Vincent Danen (Aug 11)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault