Showing 1 - 3 of 3

CVE-2010-2221

Status Candidate

Overview

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Related Files

Ubuntu Security Notice USN-1156-1: Posted Jun 21, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1156-1 - It was discovered that tgt incorrectly handled long iSCSI name strings, and invalid PDUs. A remote attacker could exploit this to cause tgt to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 10.10. Emmanuel Bouillon discovered that tgt incorrectly handled certain iSCSI logins. A remote attacker could exploit this to cause tgt to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2010-2221, CVE-2011-0001; SHA-256 | ba1826fb855135b0d2f8008bbddbf61f5e8cfb8c9332cbf066bc74d8ac8342db; Download | Favorite | View

Mandriva Linux Security Advisory 2010-131: Posted Jul 13, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-131 - Multiple format string and buffer overflow vulnerabilities has been found and corrected in iscsitarget. The updated packages have been patched to correct these issues.; tags | advisory, overflow, vulnerability; systems | linux, mandriva; advisories | CVE-2010-0743, CVE-2010-2221; SHA-256 | ecd3901c966ed1b4f15abd5c9b4936fd8235c79b4f270c0008cda1fca4342fe7; Download | Favorite | View

iSCSI Target iSNS Stack Buffer Overflow: Posted Jul 3, 2010; Authored by TELUS Security Labs | Site telussecuritylabs.com; A stack buffer overflow vulnerability exist in iscsitarget, an open implementation of iSCSI Enterprise Target. The vulnerability is caused by insufficient boundary checking while processing iSNS messages. A remote attacker can leverage this vulnerability to inject and execute arbitrary code on a vulnerable system.; tags | advisory, remote, overflow, arbitrary; advisories | CVE-2010-2221; SHA-256 | 6fcd69274daa390cb09aab03d6ff81c49f17f973d50117e842e0491b410fefbd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 216 files
Ubuntu 78 files
indoushka 77 files
Jasper Nota 25 files
Gentoo 22 files
Willem Westerhof 19 files
Debian 18 files
Jim Blankendaal 11 files
Martijn Baalman 9 files
Apple 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,096)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,553)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,689)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,482)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,736)
UNIX (9,435)
UnixWare (187)
Windows (6,671)
Other

CVE-2010-2221

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems