MiracleLinux 8 : targetcli-2.1.53-1.el8 (AXSA:2020-1067:05)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-1067:05 advisory. targetcli: weak permissions for /etc/target and backup files CVE-2020-13867 Tenable has extracted the preceding description block directly from the...

CVE-2022-45154 supportconfig does not remove passwords in /etc/iscsi/iscsid.conf and /etc/target/lio_setup.sh

A Cleartext Storage of Sensitive Information vulnerability in suppportutils of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 15 SP3 allows attackers that get access to the support logs to gain knowledge of the stored credentials This issue affects:...

rtslib-fb weak permissions for /etc/target/saveconfig.json file

Python rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile instead of shutil.copy is used, and thus permissions are not preserved...

Huawei EulerOS: Security Advisory for python-rtslib (EulerOS-SA-2021-1730)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-4871-1: targetcli-fb vulnerabilities

It was discovered that targetcli-fb did not properly manage socket permissions. A local attacker could use this issue to modify the iSCSI configuration resulting in a denial of service, obtain sensitive information or execute arbitrary code. CVE-2020-10699 It was discovered that targetcli-fb did...

CentOS 8 : targetcli (CESA-2020:4697)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:4697 advisory. - targetcli: weak permissions for /etc/target and backup files CVE-2020-13867 Note that Nessus has not tested for this issue but has instead relied only on the...

Medium: targetcli

Issue Overview: An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup...

CentOS: Security Advisory for python-rtslib (CESA-2020:5435)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle Linux 7 : python-rtslib (ELSA-2020-5435)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5435 advisory. 2.1.74-1.0.1 - Add patch 0005-allow-mixed-case-in-oracle-iqns to fix Orabug: 27613482 - Add patch 0004-allow-underscore-in-oracle-iqns to fix Orabug: 27582660 -...

targetcli: weak permissions for /etc/target and backup files

An access flaw was found in targetcli, where the /etc/target and underneath backup directory/files were world-readable. This flaw allows a local attacker to access potentially sensitive information such as authentication credentials from the /etc/target/saveconfig.json and backup files. The highe...

Huawei EulerOS: Security Advisory for python-rtslib (EulerOS-SA-2020-2474)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Insecure File Permission

rtslibfb uses insecure file permissions. The use of shutil.copyfile instead of shutil.copy results in an insecure file permissions for configuration file /etc/target/saveconfig.json as it does not maintain the original permissions set during copy...

UBUNTU-CVE-2020-13867

Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target and for the backup directory and backup files...

Open redirect

Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target and for the backup directory and backup files...