CentOS Local Security Checks : CentOS Update for scsi-target-utils CESA-2011:0332 centos5 i386

Búsqueda de Vulnerabilidad		Buscar 219043 Descripciones CVE y 99761 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.880542

Categoría: CentOS Local Security Checks

Título: CentOS Update for scsi-target-utils CESA-2011:0332 centos5 i386

Resumen: The remote host is missing an update for the 'scsi-target-utils'; package(s) announced via the referenced advisory.

Descripción: Summary:
The remote host is missing an update for the 'scsi-target-utils'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The scsi-target-utils package contains the daemon and tools to set up and
monitor SCSI targets. Currently, iSCSI software and iSER targets are
supported.

A double-free flaw was found in scsi-target-utils' tgtd daemon. A remote
attacker could trigger this flaw by sending carefully-crafted network
traffic, causing the tgtd daemon to crash. (CVE-2011-0001)

Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency for
reporting this issue.

All scsi-target-utils users should upgrade to this updated package, which
contains a backported patch to correct this issue. All running
scsi-target-utils services must be restarted for the update to take effect.

Affected Software/OS:
scsi-target-utils on CentOS 5

Solution:
Please install the updated packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0001
BugTraq ID: 46817
http://www.securityfocus.com/bid/46817
Debian Security Information: DSA-2209 (Google Search)
http://www.debian.org/security/2011/dsa-2209
https://bugzilla.redhat.com/attachment.cgi?id=473779&action=diff
http://lists.wpkg.org/pipermail/stgt/2011-March/004473.html
http://www.redhat.com/support/errata/RHSA-2011-0332.html
http://www.securitytracker.com/id?1025184
http://secunia.com/advisories/43706
http://secunia.com/advisories/43713
SuSE Security Announcement: SUSE-SR:2011:009 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html
http://www.vupen.com/english/advisories/2011/0636
XForce ISS Database: lstf-iscsirxhandler-dos(66010)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66010

Copyright Copyright (c) 2011 Greenbone Networks GmbH

Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.880542
Categoría:	CentOS Local Security Checks
Título:	CentOS Update for scsi-target-utils CESA-2011:0332 centos5 i386
Resumen:	The remote host is missing an update for the 'scsi-target-utils'; package(s) announced via the referenced advisory.
Descripción:	Summary: The remote host is missing an update for the 'scsi-target-utils' package(s) announced via the referenced advisory. Vulnerability Insight: The scsi-target-utils package contains the daemon and tools to set up and monitor SCSI targets. Currently, iSCSI software and iSER targets are supported. A double-free flaw was found in scsi-target-utils' tgtd daemon. A remote attacker could trigger this flaw by sending carefully-crafted network traffic, causing the tgtd daemon to crash. (CVE-2011-0001) Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency for reporting this issue. All scsi-target-utils users should upgrade to this updated package, which contains a backported patch to correct this issue. All running scsi-target-utils services must be restarted for the update to take effect. Affected Software/OS: scsi-target-utils on CentOS 5 Solution: Please install the updated packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2011-0001 BugTraq ID: 46817 http://www.securityfocus.com/bid/46817 Debian Security Information: DSA-2209 (Google Search) http://www.debian.org/security/2011/dsa-2209 https://bugzilla.redhat.com/attachment.cgi?id=473779&action=diff http://lists.wpkg.org/pipermail/stgt/2011-March/004473.html http://www.redhat.com/support/errata/RHSA-2011-0332.html http://www.securitytracker.com/id?1025184 http://secunia.com/advisories/43706 http://secunia.com/advisories/43713 SuSE Security Announcement: SUSE-SR:2011:009 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://www.vupen.com/english/advisories/2011/0636 XForce ISS Database: lstf-iscsirxhandler-dos(66010) https://exchange.xforce.ibmcloud.com/vulnerabilities/66010
Copyright	Copyright (c) 2011 Greenbone Networks GmbH