18 matches found
Security Bulletin: Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner affect IBM Spectrum Protect Plus
Summary Vulnerabilities in the Linux Kernel, Samba, Sudo, Python, and tcmu-runner such as denial of service, elevation of privileges, buffer overflow, directory traversal, information disclosure, and bypassing of security restrictions , may affect IBM Spectrum Protect Plus. UPDATE 28 January 2022...
RHEL 7 / 8 : Red Hat Ceph Storage security, Update (Important) (RHSA-2021:1452)
The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1452 advisory. Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage...
Important: Red Hat Security Advisory: Red Hat Ceph Storage security, bug fix, and enhancement Update
An update for ceph, ceph-ansible, gperftools, and tcmu-runner is now available for Red Hat Ceph Storage 4.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SUSE: Security Advisory (SUSE-SU-2021:0158-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for tcmu-runner (openSUSE-SU-2021:0128-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for tcmu-runner (openSUSE-SU-2021:0097-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Ubuntu: Security Advisory (USN-4707-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : tcmu-runner (openSUSE-2021-97)
This update for tcmu-runner fixes the following issues : - CVE-2021-3139: Fixed a LIO security issue bsc1180676. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
openSUSE Security Update : tcmu-runner (openSUSE-2021-128)
This update for tcmu-runner fixes the following issue : - CVE-2021-3139: Fixed a LIO security issue bsc1180676. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
Security update for tcmu-runner (important)
openSUSE Security Update: Security update for tcmu-runner Announcement ID: openSUSE-SU-2021:0128-1 Rating: important References: 1180676 Cross-References: CVE-2021-3139 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...
SUSE-SU-2021:0158-1 Security update for tcmu-runner
This update for tcmu-runner fixes the following issue: - CVE-2021-3139: Fixed a LIO security issue bsc1180676...
OPENSUSE-SU-2021:0097-1 Security update for tcmu-runner
This update for tcmu-runner fixes the following issues: - CVE-2021-3139: Fixed a LIO security issue bsc1180676. This update was imported from the SUSE:SLE-15-SP2:Update update project...
Security update for tcmu-runner (important)
openSUSE Security Update: Security update for tcmu-runner Announcement ID: openSUSE-SU-2021:0097-1 Rating: important References: 1180676 Cross-References: CVE-2021-3139 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...
SUSE-SU-2021:0143-1 Security update for tcmu-runner
This update for tcmu-runner fixes the following issue: - CVE-2021-3139: Fixed a LIO security issue bsc1180676...
CVE-2021-3139
creationtimestamp| type| source ---|---|--- 2021-01-13 19:25:33+00:00| seen| https://t.me/cibsecurity/22094...
CVE-2021-3139
In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...
SUSE-SU-2021:0093-1 Security update for tcmu-runner
This update for tcmu-runner fixes the following issues: - CVE-2021-3139: Fixed a LIO security issue bsc1180676...
CVE-2021-3139
CVE-2021-3139 affects Open-iSCSI tcmu-runner 1.3.x–1.5.x (through 1.5.2); the XCOPY path xcopy_locate_udev in tcmur_cmd_handler.c lacks transport-layer access checks, enabling remote attackers who have access to an iSCSI LUN to read/write files via directory traversal over the network. Connected ...