targetcli: weak permissions for /etc/target and backup files

An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highe...

Moderate: Red Hat Security Advisory: targetcli security update

An update for targetcli is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

Scientific Linux Security Update : targetcli on SL7.x (noarch) (2020:5434)

The remote Scientific Linux 7 host has a package installed that is affected by a vulnerability as referenced in the SLSA-2020:5434-1 advisory. - targetcli: weak permissions for /etc/target and backup files CVE-2020-13867 Note that Nessus has not tested for this issue but has instead relied only o...

Security Bulletin: Vulnerabilities in jQuery, Spring, Dom4j, MongoDB, Linux Kernel, Targetcli-fb, Jackson, Node.js, and Apache Commons affect IBM Spectrum Protect Plus

Summary Multiple vulnerabilities in jQuery, Spring, Dom4j, MongoDB, Linux Kernel, Targetcli-fb, Jackson, Node.js, and Apache Commons affect IBM Spectrum Protect Plus. Vulnerability Details CVEID: CVE-2020-5408 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to obtain...

RHEL 8 : targetcli (RHSA-2020:4697)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:4697 advisory. The targetcli package contains an administration shell for configuring Internet Small Computer System Interface iSCSI, Fibre Channel over Ethernet...

Oracle Linux 8 : targetcli (ELSA-2020-4697)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-4697 advisory. 2.1.53-1 - Update to new upstream version 2.1.52-1 - Update to new upstream version Tenable has extracted the preceding description block directly from the Orac...

targetcli security and enhancement update

2.1.53-1 - Update to new upstream version 2.1.52-1 - Update to new upstream version...

Moderate: Red Hat Security Advisory: targetcli security and enhancement update

An update for targetcli is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

targetcli: weak permissions for /etc/target and backup files

An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highe...

Moderate: targetcli security and enhancement update

The targetcli package contains an administration shell for configuring Internet Small Computer System Interface iSCSI, Fibre Channel over Ethernet FCoE, and other SCSI targets, using the Target Core Mod/Linux-IO TCM/LIO kernel target subsystem. FCoE users also need to install and use the fcoe-uti...

GLSA-202008-22 : targetcli-fb: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202008-22 targetcli-fb: Multiple vulnerabilities Multiple vulnerabilities have been discovered in targetcli-fb. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers...

SUSE-SU-2020:2360-1 Security update for targetcli-fb

This update for targetcli-fb fixes the following issues: - CVE-2020-13867: Fixed weak permissions for /etc/target bsc1172743...

MGASA-2020-0326 Updated targetcli packages fix security vulnerability

An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highe...

Updated targetcli packages fix security vulnerability

An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highe...

openSUSE: Security Advisory for targetcli-fb (openSUSE-SU-2020:1144-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : targetcli-fb (openSUSE-2020-1141)

This update for targetcli-fb fixes the following issues : - CVE-2020-13867: Fixed the permissions in /etc/target bsc1172743 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

Security update for targetcli-fb (moderate)

openSUSE Security Update: Security update for targetcli-fb Announcement ID: openSUSE-SU-2020:1144-1 Rating: moderate References: 1172743 Cross-References: CVE-2020-13867 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for...

openSUSE: Security Advisory for targetcli-fb (openSUSE-SU-2020:1141-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE Security Update : targetcli-fb (openSUSE-2020-1144)

This update for targetcli-fb fixes the following issues : - CVE-2020-13867: Fixed the permissions in /etc/target bsc1172743 This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extract...

OPENSUSE-SU-2020:1144-1 Security update for targetcli-fb

This update for targetcli-fb fixes the following issues: - CVE-2020-13867: Fixed the permissions in /etc/target bsc1172743 This update was imported from the SUSE:SLE-15-SP2:Update update project...