CVE-2014-0749 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	10 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:C/I:C/A:C
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 98%

Vendor	Product	Version
adaptivecomputing	torque_resource_manager	2.5.0
adaptivecomputing	torque_resource_manager	2.5.1
adaptivecomputing	torque_resource_manager	2.5.2
adaptivecomputing	torque_resource_manager	2.5.3
adaptivecomputing	torque_resource_manager	2.5.4
adaptivecomputing	torque_resource_manager	2.5.5
adaptivecomputing	torque_resource_manager	2.5.6
adaptivecomputing	torque_resource_manager	2.5.7
adaptivecomputing	torque_resource_manager	2.5.8
adaptivecomputing	torque_resource_manager	2.5.9
adaptivecomputing	torque_resource_manager	2.5.10
adaptivecomputing	torque_resource_manager	2.5.11
adaptivecomputing	torque_resource_manager	2.5.12
adaptivecomputing	torque_resource_manager	2.5.13

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

torque

cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	not-affected
xenial	not-affected
wily	not-affected
vivid	not-affected
utopic	not-affected
trusty	Fixed 2.4.16+dfsg-1.3ubuntu1.1 released
saucy	ignored
precise	Fixed 2.4.16+dfsg-1+deb7u4build0.12.04.1 released
lucid	ignored

Known Exploits!

Common Weakness Enumeration

CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.

References

http://osvdb.org/show/osvdb/107024

http://packetstormsecurity.com/files/126651/Torque-2.5.13-Buffer-Overflow.html

http://packetstormsecurity.com/files/126855/TORQUE-Resource-Manager-2.5.13-Buffer-Overflow.html

http://www.debian.org/security/2014/dsa-2936

http://www.exploit-db.com/exploits/33554

http://www.securityfocus.com/archive/1/532110/100/0/threaded

http://www.securityfocus.com/bid/67420

https://github.com/adaptivecomputing/torque/commit/3ed749263abe3d69fa3626d142a5789dcb5a5684

https://github.com/adaptivecomputing/torque/pull/171

https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow

https://labs.mwrinfosecurity.com/system/assets/662/original/torque-buffer-overflow_2014-05-14.pdf

http://osvdb.org/show/osvdb/107024

http://packetstormsecurity.com/files/126651/Torque-2.5.13-Buffer-Overflow.html

http://packetstormsecurity.com/files/126855/TORQUE-Resource-Manager-2.5.13-Buffer-Overflow.html

http://www.debian.org/security/2014/dsa-2936

http://www.exploit-db.com/exploits/33554

http://www.securityfocus.com/archive/1/532110/100/0/threaded

http://www.securityfocus.com/bid/67420

https://github.com/adaptivecomputing/torque/commit/3ed749263abe3d69fa3626d142a5789dcb5a5684

https://github.com/adaptivecomputing/torque/pull/171

https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow

https://labs.mwrinfosecurity.com/system/assets/662/original/torque-buffer-overflow_2014-05-14.pdf