Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
centosCentOS ProjectCESA-2010:0362
HistoryMay 28, 2010 - 10:47 a.m.

scsi security update

2010-05-2810:47:01
CentOS Project
lists.centos.org
36

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.658 Medium

EPSS

Percentile

97.9%

JSON

CentOS Errata and Security Advisory CESA-2010:0362

The scsi-target-utils package contains the daemon and tools to set up and
monitor SCSI targets. Currently, iSCSI software and iSER targets are
supported.

A format string flaw was found in scsi-target-utils’ tgtd daemon. A
remote attacker could trigger this flaw by sending a carefully-crafted
Internet Storage Name Service (iSNS) request, causing the tgtd daemon to
crash. (CVE-2010-0743)

All scsi-target-utils users should upgrade to this updated package, which
contains a backported patch to correct this issue. All running
scsi-target-utils services must be restarted for the update to take effect.

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2010-May/078819.html
https://lists.centos.org/pipermail/centos-announce/2010-May/078820.html

Affected packages:
scsi-target-utils

Upstream details at:
https://access.redhat.com/errata/RHSA-2010:0362

Related

securityvulns 2
nessus 17
veracode 1
openvas 12
ubuntucve 1
oraclelinux 1
prion 1
debian 1
checkpoint_advisories 1
redhat 1
gentoo 1
debiancve 1
cve 1
securityvulns
securityvulns
Linux iSCSI DoS
2010-05-13 00:00:00
[SECURITY] [DSA 2042-1] New iscsitarget packages fix arbitrary code execution
2010-05-13 00:00:00
nessus
nessus
Scientific Linux Security Update : scsi-target-utils on SL5.x i386/x86_64
2012-08-01 00:00:00
Debian DSA-2042-1 : iscsitarget - format string
2010-05-07 00:00:00
Oracle Linux 5 : scsi-target-utils (ELSA-2010-0362)
2013-07-12 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:42:46
openvas
openvas
Debian Security Advisory DSA 2042-1 (iscsitarget)
2010-05-14 00:00:00
Debian: Security Advisory (DSA-2042-1)
2010-05-14 00:00:00
Oracle: Security Advisory (ELSA-2010-0362)
2015-10-06 00:00:00
ubuntucve
ubuntucve
CVE-2010-0743
2010-04-08 00:00:00
oraclelinux
oraclelinux
scsi-target-utils security update
2010-04-20 00:00:00
prion
prion
Format string
2010-04-08 17:30:00
debian
debian
[SECURITY] [DSA 2042-1] New iscsitarget packages fix arbitrary code execution
2010-05-05 21:16:17
checkpoint_advisories
checkpoint_advisories
iSCSI target Multiple Implementations Format String Code Execution (CVE-2010-0743)
2010-09-27 00:00:00
redhat
redhat
(RHSA-2010:0362) Important: scsi-target-utils security update
2010-04-20 00:00:00
gentoo
gentoo
iSCSI Enterprise Target: Arbitrary code execution
2012-01-23 00:00:00
debiancve
debiancve
CVE-2010-0743
2010-04-08 17:30:00
cve
cve
CVE-2010-0743
2010-04-08 17:30:00

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.658 Medium

EPSS

Percentile

97.9%

JSON
Related for CESA-2010:0362
securityvulns2nessus17veracode1openvas12ubuntucve1oraclelinux1prion1debian1checkpoint_advisories1redhat1gentoo1debiancve1cve1