Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2011 Greenbone AGOPENVAS:1361412562310880655
HistoryAug 09, 2011 - 12:00 a.m.

CentOS Update for scsi-target-utils CESA-2010:0518 centos5 i386

2011-08-0900:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
10

6.5 Medium

AI Score

Confidence

Low

0.593 Medium

EPSS

Percentile

97.7%

JSON

The remote host is missing an update for the

# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_xref(name:"URL", value:"http://lists.centos.org/pipermail/centos-announce/2010-July/016763.html");
  script_oid("1.3.6.1.4.1.25623.1.0.880655");
  script_version("2023-07-12T05:05:04+0000");
  script_tag(name:"last_modification", value:"2023-07-12 05:05:04 +0000 (Wed, 12 Jul 2023)");
  script_tag(name:"creation_date", value:"2011-08-09 08:20:34 +0200 (Tue, 09 Aug 2011)");
  script_tag(name:"cvss_base", value:"5.0");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_xref(name:"CESA", value:"2010:0518");
  script_cve_id("CVE-2010-2221");
  script_name("CentOS Update for scsi-target-utils CESA-2010:0518 centos5 i386");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'scsi-target-utils'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2011 Greenbone AG");
  script_family("CentOS Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/centos", "ssh/login/rpms", re:"ssh/login/release=CentOS5");
  script_tag(name:"affected", value:"scsi-target-utils on CentOS 5");
  script_tag(name:"insight", value:"The scsi-target-utils package contains the daemon and tools to set up and
  monitor SCSI targets. Currently, iSCSI software and iSER targets are
  supported.

  Multiple buffer overflow flaws were found in scsi-target-utils' tgtd
  daemon. A remote attacker could trigger these flaws by sending a
  carefully-crafted Internet Storage Name Service (iSNS) request, causing the
  tgtd daemon to crash. (CVE-2010-2221)

  Red Hat would like to thank the Vulnerability Research Team at TELUS
  Security Labs and Fujita Tomonori for responsibly reporting these flaws.

  All scsi-target-utils users should upgrade to this updated package, which
  contains a backported patch to correct these issues. All running
  scsi-target-utils services must be restarted for the update to take effect.");
  script_tag(name:"solution", value:"Please install the updated packages.");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "CentOS5")
{

  if ((res = isrpmvuln(pkg:"scsi-target-utils", rpm:"scsi-target-utils~0.0~6.20091205snap.el5_5.3", rls:"CentOS5")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

Related

checkpoint_advisories 2
openvas 11
nessus 16
oraclelinux 1
centos 1
securityvulns 2
redhat 1
cve 1
veracode 1
prion 1
ubuntucve 1
fedora 1
ubuntu 1
checkpoint_advisories
checkpoint_advisories
iSCSI target Multiple Implementations iSNS Stack Buffer Overflow (CVE-2010-2221)
2010-09-27 00:00:00
iSCSI target Multiple Implementations iSNS Stack Buffer Overflow - High Confidence (CVE-2010-2221)
2013-04-22 00:00:00
openvas
openvas
CentOS Update for scsi-target-utils CESA-2010:0518 centos5 i386
2011-08-09 00:00:00
Oracle: Security Advisory (ELSA-2010-0518)
2015-10-06 00:00:00
Fedora Update for scsi-target-utils FEDORA-2011-8930
2011-07-18 00:00:00
nessus
nessus
CentOS 5 : scsi-target-utils (CESA-2010:0518)
2010-07-16 00:00:00
Scientific Linux Security Update : scsi-target-utils on SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 5 : scsi-target-utils (ELSA-2010-0518)
2013-07-12 00:00:00
oraclelinux
oraclelinux
scsi-target-utils security update
2010-07-08 00:00:00
centos
centos
scsi security update
2010-07-14 22:27:09
securityvulns
securityvulns
Multiple iSCSI implementations security vulnerabilities
2010-07-06 00:00:00
TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow
2010-07-06 00:00:00
redhat
redhat
(RHSA-2010:0518) Important: scsi-target-utils security update
2010-07-08 00:00:00
cve
cve
CVE-2010-2221
2010-07-08 18:30:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:49:05
prion
prion
Buffer overflow
2010-07-08 18:30:00
ubuntucve
ubuntucve
CVE-2010-2221
2010-07-08 00:00:00
fedora
fedora
[SECURITY] Fedora 14 Update: scsi-target-utils-1.0.18-1.fc14
2011-07-12 04:55:18
ubuntu
ubuntu
tgt vulnerabilities
2011-06-21 00:00:00

6.5 Medium

AI Score

Confidence

Low

0.593 Medium

EPSS

Percentile

97.7%

JSON
Related for OPENVAS:1361412562310880655
checkpoint_advisories2openvas11nessus16oraclelinux1centos1securityvulns2redhat1cve1veracode1prion1ubuntucve1fedora1ubuntu1