Lucene search
+L

205 matches found

OpenVAS
OpenVAS
added 2021/02/05 12:0 a.m.8 views

Huawei EulerOS: Security Advisory for python-rtslib (EulerOS-SA-2021-1255)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00339EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/05 12:0 a.m.25 views

EulerOS 2.0 SP9 : python-rtslib (EulerOS-SA-2021-1255)

According to the version of the python-rtslib packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in Open-iSCSI rtslib-fb through versions 2.1.72, where it has weak permissions for /etc/target/saveconfig.json because the...

7.8CVSS7.5AI score0.00339EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/02/05 12:0 a.m.20 views

EulerOS 2.0 SP9 : python-rtslib (EulerOS-SA-2021-1274)

According to the version of the python-rtslib packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in Open-iSCSI rtslib-fb through versions 2.1.72, where it has weak permissions for /etc/target/saveconfig.json because the...

7.8CVSS7.5AI score0.00339EPSS
Exploits0References2
Amazon
Amazon
added 2021/01/26 12:0 a.m.20 views

Medium: python-rtslib

Issue Overview: A flaw was found in Open-iSCSI rtslib-fb through versions 2.1.72, where it has weak permissions for /etc/target/saveconfig.json because the shutil.copyfile, instead of shutil.copy is used, and permissions are not preserved upon editing. This flaw allows an attacker with prior acce...

7.8CVSS7.7AI score0.00339EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/26 12:0 a.m.27 views

Amazon Linux 2 : python-rtslib (ALAS-2021-1589)

The version of python-rtslib installed on the remote host is prior to 2.1.74-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2021-1589 advisory. A flaw was found in Open-iSCSI rtslib-fb through versions 2.1.72, where it has weak permissions for...

7.8CVSS7.5AI score0.00339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2021/01/25 12:0 a.m.17 views

openSUSE Security Update : open-iscsi (openSUSE-2021-89)

This update for open-iscsi fixes the following issues : - Updated to upstream version 2.1.3 as 2.1.3-suse, for bsc1179908, including : - uip: check for TCP urgent pointer past end of frame - uip: check for u8 overflow when processing TCP options - uip: check for header length underflow during...

5.8AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/01/20 12:0 a.m.28 views

EulerOS 2.0 SP3 : python-rtslib (EulerOS-SA-2021-1116)

According to the version of the python-rtslib package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile instead of shutil.copy is...

7.8CVSS7.7AI score0.00339EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/01/19 12:0 a.m.12 views

Huawei EulerOS: Security Advisory for python-rtslib (EulerOS-SA-2021-1116)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.8AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2021/01/16 6:54 p.m.1 views

OPENSUSE-SU-2021:0089-1 Security update for open-iscsi

This update for open-iscsi fixes the following issues: - Updated to upstream version 2.1.3 as 2.1.3-suse, for bsc1179908, including: uip: check for TCP urgent pointer past end of frame uip: check for u8 overflow when processing TCP options uip: check for header length underflow during checksum...

7.7AI score
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2021/01/16 12:0 a.m.19 views

Security update for open-iscsi (important)

openSUSE Security Update: Security update for open-iscsi Announcement ID: openSUSE-SU-2021:0089-1 Rating: important References: 1179440 1179908 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for open-iscsi fixes the...

7.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/01/15 12:0 a.m.15 views

SUSE SLED15 / SLES15 Security Update : open-iscsi (SUSE-SU-2021:0127-1)

This update for open-iscsi fixes the following issues : Updated to upstream version 2.1.3 as 2.1.3-suse, for bsc1179908, including : - uip: check for TCP urgent pointer past end of frame - uip: check for u8 overflow when processing TCP options - uip: check for header length underflow during...

5.8AI score
Exploits0References3
OSV
OSV
added 2021/01/14 9:30 a.m.4 views

SUSE-SU-2021:0127-1 Security update for open-iscsi

This update for open-iscsi fixes the following issues: - Updated to upstream version 2.1.3 as 2.1.3-suse, for bsc1179908, including: uip: check for TCP urgent pointer past end of frame uip: check for u8 overflow when processing TCP options uip: check for header length underflow during checksum...

7.7AI score
Exploits0References3
NVD
NVD
added 2021/01/13 4:15 p.m.28 views

CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS8.4AI score0.02649EPSS
Exploits0References5
OSV
OSV
added 2021/01/13 4:15 p.m.23 views

CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS7.1AI score
Exploits0References5
OSV
OSV
added 2021/01/13 4:15 p.m.1 views

DEBIAN-CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS7.9AI score0.02649EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/01/13 4:15 p.m.2 views

CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS7.3AI score0.02649EPSS
Exploits0References6
Prion
Prion
added 2021/01/13 4:15 p.m.29 views

Directory traversal

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

5.5CVSS8.1AI score0.06563EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/01/13 4:15 p.m.5 views

UBUNTU-CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS7.3AI score0.02649EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/01/13 4:15 p.m.40 views

CVE-2021-3139

In Open-iSCSI tcmu-runner 1.3.x, 1.4.x, and 1.5.x through 1.5.2, xcopylocateudev in tcmurcmdhandler.c lacks a check for transport-layer restrictions, allowing remote attackers to read or write files via directory traversal in an XCOPY request. For example, an attack can occur over a network if th...

8.1CVSS7.2AI score0.02649EPSS
Exploits0References3
CVE
CVE
added 2021/01/13 3:33 p.m.196 views

CVE-2021-3139

CVE-2021-3139 affects Open-iSCSI tcmu-runner 1.3.x–1.5.x (through 1.5.2); the XCOPY path xcopy_locate_udev in tcmur_cmd_handler.c lacks transport-layer access checks, enabling remote attackers who have access to an iSCSI LUN to read/write files via directory traversal over the network. Connected ...

8.1CVSS8.2AI score0.02649EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder