Описание
Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| dapper | DNE | |
| devel | DNE | |
| esm-apps/xenial | not-affected | 2.4.20.3+svn499-0ubuntu2.3 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [2.4.20.3+svn499-0ubuntu2.3]] |
| hardy | ignored | end of life |
| jaunty | ignored | end of life |
| karmic | ignored | end of life |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | 1:1.0.13-0ubuntu2 |
| bionic | not-affected | 1:1.0.13-0ubuntu2 |
| cosmic | not-affected | 1:1.0.13-0ubuntu2 |
| dapper | DNE | |
| devel | not-affected | 1:1.0.13-0ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 1:1.0.13-0ubuntu2 |
| esm-infra/bionic | not-affected | 1:1.0.13-0ubuntu2 |
| esm-infra/xenial | not-affected | 1:1.0.13-0ubuntu2 |
| hardy | ignored | end of life |
| jaunty | ignored | end of life |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.
Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.
Multiple buffer overflows in the iSNS implementation in isns.c in (1) ...
Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.
ELSA-2010-0518: scsi-target-utils security update (IMPORTANT)
EPSS
5 Medium
CVSS2