Lucene search

UbuntuUSN-1156-1

HistoryJun 21, 2011 - 12:00 a.m.

tgt vulnerabilities

2011-06-2100:00:00

ubuntu.com

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

AI Score

Confidence

Low

0.593 Medium

EPSS

Percentile

97.8%

JSON

Releases

Ubuntu 11.04
Ubuntu 10.10

Packages

tgt - Linux SCSI target user-space tools

Details

It was discovered that tgt incorrectly handled long iSCSI name strings, and
invalid PDUs. A remote attacker could exploit this to cause tgt to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 10.10. (CVE-2010-2221)

Emmanuel Bouillon discovered that tgt incorrectly handled certain iSCSI
logins. A remote attacker could exploit this to cause tgt to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2011-0001)

OSVersionArchitecturePackageVersionFilename
Ubuntu11.04noarchtgt< 1:1.0.13-0ubuntu2.1UNKNOWN
Ubuntu10.10noarchtgt< 1:1.0.4-1ubuntu4.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	11.04	noarch	tgt	< 1:1.0.13-0ubuntu2.1	UNKNOWN
Ubuntu	10.10	noarch	tgt	< 1:1.0.4-1ubuntu4.1	UNKNOWN

References

ubuntu.com/security/CVE-2010-2221

ubuntu.com/security/CVE-2011-0001

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

7.5 High

AI Score

Confidence

Low

0.593 Medium

EPSS

Percentile

97.8%

JSON

Related for USN-1156-1