Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.67665
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2010:0518
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing updates announced in
advisory RHSA-2010:0518.

The scsi-target-utils package contains the daemon and tools to set up and
monitor SCSI targets. Currently, iSCSI software and iSER targets are
supported.

Multiple buffer overflow flaws were found in scsi-target-utils' tgtd
daemon. A remote attacker could trigger these flaws by sending a
carefully-crafted Internet Storage Name Service (iSNS) request, causing the
tgtd daemon to crash. (CVE-2010-2221)

Red Hat would like to thank the Vulnerability Research Team at TELUS
Security Labs and Fujita Tomonori for responsibly reporting these flaws.

All scsi-target-utils users should upgrade to this updated package, which
contains a backported patch to correct these issues. All running
scsi-target-utils services must be restarted for the update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2010-0518.html
http://www.redhat.com/security/updates/classification/#important

Risk factor : Medium

CVSS Score:
5.0

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2010-2221
BugTraq ID: 41327
http://www.securityfocus.com/bid/41327
Bugtraq: 20100702 TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow (Google Search)
http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:131
http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel
http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html
http://www.osvdb.org/65990
http://www.osvdb.org/65991
http://www.osvdb.org/65992
http://www.redhat.com/support/errata/RHSA-2010-0518.html
http://www.securitytracker.com/id?1024175
http://secunia.com/advisories/40485
http://secunia.com/advisories/40494
http://secunia.com/advisories/40495
SuSE Security Announcement: SUSE-SR:2010:017 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://www.vupen.com/english/advisories/2010/1760
http://www.vupen.com/english/advisories/2010/1786
CopyrightCopyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.