CVE-2013-4495

Name of the Vulnerable Software and Affected Versions TORQUE Resource Manager versions prior to 4.2.6

Description The issue allows remote attackers to execute arbitrary commands via shell metacharacters in the email (-M switch) to qsub, due to a problem in the send the mail function in server/svr mail.c.

Recommendations For versions prior to 4.2.6, update to version 4.2.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of the -M switch in qsub to minimize the risk of exploitation.