15 matches found
MiracleLinux 8 : targetcli-2.1.51-4.el8 (AXSA:2020-296:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-296:01 advisory. targetcli: world writable /var/run/targetclid.sock allows unprivileged user to execute commands CVE-2020-10699 Tenable has extracted the preceding description...
Alibaba Cloud Linux 3 : 0092: targetcli (ALINUX3-SA-2021:0092)
The remote Alibaba Cloud Linux 3 host has a package installed that is affected by a vulnerability as referenced in the ALINUX3-SA-2021:0092 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2020-10699: A flaw was found in Linux, in...
Ubuntu 20.04 ESM : targetcli-fb vulnerabilities (USN-4871-1)
The remote Ubuntu 20.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4871-1 advisory. It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration...
SUSE CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
Ubuntu: Security Advisory (USN-4871-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4871-1 targetcli-fb vulnerabilities
It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2020-10699 It was discovered that targetcli-fb did...
USN-4871-1: targetcli-fb vulnerabilities
It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2020-10699 It was discovered that targetcli-fb did...
GLSA-202008-22 : targetcli-fb: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202008-22 targetcli-fb: Multiple vulnerabilities Multiple vulnerabilities have been discovered in targetcli-fb. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers...
Oracle Linux 8 : targetcli (ELSA-2020-1933)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-1933 advisory. 2.1.51-4 - Increase the release version 2.1.51-3 - targetclid.sock allows unprivileged user to execute commands 2.1.51-2 - Create the target/pr directory when...
Important: Red Hat Security Advisory: targetcli security update
An update for targetcli is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
CVE-2020-10699
CVE-2020-10699 affects targetcli-fb in Linux: versions 2.1.50 and 2.1.51 ship a world-writable /var/run/targetclid.sock, enabling a local attacker to modify iSCSI config and escalate to root. Connected advisories confirm exploitation is local and privilege escalation is possible via the targetcli...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...
CVE-2020-10699
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this flaw to modify the iSCSI configuration and escalate their privileges to root...