Denial Of Service (DoS)

2020-04-1000:59:37

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

scsi-target-utils is vulnerable to denial of service (DoS). The vulnerability exists as a double-free flaw was found in scsi-target-utils’ tgtd daemon. A remote attacker could trigger this flaw by sending carefully-crafted network traffic, causing the tgtd daemon to crash.

CPENameOperatorVersion
scsi-target-utilseq0.0__6.20091205snap.el5_4.1
scsi-target-utilseq0.0__6.20091205snap.el5_5.2
scsi-target-utilseq0.0__0.20070620snap.el5
scsi-target-utilseq0.0__5.20080917snap.el5
scsi-target-utilseq0.0__6.20091205snap.el5_5.3
scsi-target-utilseq0.0__6.20091205snap.el5_4.1
scsi-target-utilseq0.0__6.20091205snap.el5_5.2
scsi-target-utilseq0.0__0.20070620snap.el5
scsi-target-utilseq0.0__5.20080917snap.el5
scsi-target-utilseq0.0__6.20091205snap.el5_5.3

Name	Operator	Version
scsi-target-utils	eq	0.0__6.20091205snap.el5_4.1
scsi-target-utils	eq	0.0__6.20091205snap.el5_5.2
scsi-target-utils	eq	0.0__0.20070620snap.el5
scsi-target-utils	eq	0.0__5.20080917snap.el5
scsi-target-utils	eq	0.0__6.20091205snap.el5_5.3
scsi-target-utils	eq	0.0__6.20091205snap.el5_4.1
scsi-target-utils	eq	0.0__6.20091205snap.el5_5.2
scsi-target-utils	eq	0.0__0.20070620snap.el5
scsi-target-utils	eq	0.0__5.20080917snap.el5
scsi-target-utils	eq	0.0__6.20091205snap.el5_5.3