Showing 1 - 3 of 3

CVE-2010-2221

Status Candidate

Overview

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Related Files

Ubuntu Security Notice USN-1156-1: Posted Jun 21, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1156-1 - It was discovered that tgt incorrectly handled long iSCSI name strings, and invalid PDUs. A remote attacker could exploit this to cause tgt to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 10.10. Emmanuel Bouillon discovered that tgt incorrectly handled certain iSCSI logins. A remote attacker could exploit this to cause tgt to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.; tags | advisory, remote, denial of service, arbitrary; systems | linux, ubuntu; advisories | CVE-2010-2221, CVE-2011-0001; SHA-256 | ba1826fb855135b0d2f8008bbddbf61f5e8cfb8c9332cbf066bc74d8ac8342db; Download | Favorite | View

Mandriva Linux Security Advisory 2010-131: Posted Jul 13, 2010; Authored by Mandriva | Site mandriva.com; Mandriva Linux Security Advisory 2010-131 - Multiple format string and buffer overflow vulnerabilities has been found and corrected in iscsitarget. The updated packages have been patched to correct these issues.; tags | advisory, overflow, vulnerability; systems | linux, mandriva; advisories | CVE-2010-0743, CVE-2010-2221; SHA-256 | ecd3901c966ed1b4f15abd5c9b4936fd8235c79b4f270c0008cda1fca4342fe7; Download | Favorite | View

iSCSI Target iSNS Stack Buffer Overflow: Posted Jul 3, 2010; Authored by TELUS Security Labs | Site telussecuritylabs.com; A stack buffer overflow vulnerability exist in iscsitarget, an open implementation of iSCSI Enterprise Target. The vulnerability is caused by insufficient boundary checking while processing iSNS messages. A remote attacker can leverage this vulnerability to inject and execute arbitrary code on a vulnerable system.; tags | advisory, remote, overflow, arbitrary; advisories | CVE-2010-2221; SHA-256 | 6fcd69274daa390cb09aab03d6ff81c49f17f973d50117e842e0491b410fefbd; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 228 files
Ubuntu 55 files
Debian 27 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Google Security Research 6 files
Apple 6 files
Milad Karimi 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,333)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,578)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,460)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2010-2221

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems