Gentoo Logo

OpenPBS: Multiple vulnerabilities

Content:

1.  Gentoo Linux Security Advisory

Version Information

Advisory Reference GLSA 200704-04 / openpbs
Release Date April 03, 2007
Latest Revision April 03, 2007: 01
Impact high
Exploitable remote, local
Package Vulnerable versions Unaffected versions Architecture(s)
sys-cluster/openpbs <= 2.3.16-r4 All supported architectures

Related bugreports: #153495

Synopsis

OpenPBS contains unspecified vulnerabilities which may allow for the remote execution of arbitrary code or a Denial of Service.

2.  Impact Information

Background

OpenPBS is the original version of the Portable Batch System. It is a flexible batch queueing system developed for NASA in the early to mid-1990s.

Description

SUSE reported vulnerabilities due to unspecified errors in OpenPBS.

Impact

By unspecified attack vectors an attacker might be able execute arbitrary code with the privileges of the user running openpbs, which might be the root user.

3.  Resolution Information

Workaround

There is no known workaround at this time.

Resolution

OpenPBS has been masked in the Portage tree for replacement by Torque. All OpenPBS users should unmerge OpenPBS and switch to Torque.

Code Listing 3.1: Resolution

# emerge --ask --unmerge sys-cluster/openpbs
# emerge --sync
# emerge --ask --verbose sys-cluster/torque

4.  References

Print

Page updated April 03, 2007

Summary: This is a Gentoo Linux Security Advisory

Security Team
Contact Address

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.