TORQUE Resource Manager Stack Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running TORQUE Resource Manager and is prone to stack buffer overflow vulnerability.

Impact

Successful exploitation will allow remote attacker to execute arbitrary code and cause a denial of service. Impact Level: Application

Solution

Upgrade to TORQUE 4.2 or later, http://www.adaptivecomputing.com/support/download-center/torque-download

Insight

The flaw is due to a boundary error within the 'disrsi_()' function (src/lib/Libdis/disrsi_.c), which can be exploited to cause a stack-based buffer overflow.

Affected

TORQUE versions 2.5 through 2.5.13

Detection

Send crafted request and check is it vulnerable to DoS or not.

References

http://packetstormsecurity.com/files/126651
http://seclists.org/bugtraq/2014/May/75
http://www.osvdb.org/107024
https://labs.mwrinfosecurity.com/advisories/2014/05/14/torque-buffer-overflow/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-0749
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader Multiple BOF Vulnerabilities - Jun09 (Linux)
Cyrus IMAP Server 'split_wildmats()' Remote Buffer Overflow Vulnerability
Cscope putstring Multiple Buffer Overflow vulnerability
Advantech Studio Multiple Buffer Overflow Vulnerabilities
Adobe Flash CS3 SWF Processing Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities