Lucene search

K
cve[email protected]CVE-2007-3100
HistoryJun 14, 2007 - 7:30 p.m.

CVE-2007-3100

2007-06-1419:30:00
web.nvd.nist.gov
27
cve-2007-3100
iscsid
open-iscsi
insecure semaphore
denial of service
vulnerability
nvd

5.8 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

10.1%

usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.

Affected configurations

NVD
Node
redhatenterprise_linuxMatch5.0desktop
OR
redhatenterprise_linuxMatch5.0server
AND
redhatopen_iscsiRange2.0-864

5.8 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

0.0004 Low

EPSS

Percentile

10.1%