CVE-2010-0743
Published: 8 April 2010
Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) 1.0.3, 0.9.5, and earlier and (2) iSCSI Enterprise Target (aka iscsitarget) 0.4.16 allow remote attackers to cause a denial of service (tgtd daemon crash) or possibly have unspecified other impact via vectors that involve the isns_attr_query and qry_rsp_handle functions, and are related to (a) client appearance and (b) client disappearance messages.
Notes
Author | Note |
---|---|
jdstrand | iscsitarget and tgt have stack protector in 8.04 LTS and higher, so this is a DoS at most. |
Priority
Status
Package | Release | Status |
---|---|---|
iscsitarget Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
intrepid |
Ignored
(end of life)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Ignored
(end of life)
|
|
maverick |
Not vulnerable
(1.4.20.2-1ubuntu1)
|
|
natty |
Not vulnerable
|
|
oneiric |
Not vulnerable
|
|
precise |
Not vulnerable
|
|
quantal |
Not vulnerable
|
|
raring |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
upstream |
Released
(1.4.20.2-1)
|
|
Patches: upstream: http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=644&r2=649 |
||
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. | ||
tgt Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Ignored
(end of life)
|
|
jaunty |
Ignored
(end of life)
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Ignored
(end of life)
|
|
maverick |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
natty |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
oneiric |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
precise |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
quantal |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
raring |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
saucy |
Not vulnerable
(1:1.0.4-1ubuntu4)
|
|
upstream |
Released
(1:1.0.3-2)
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git;a=commitdiff;h=107d922706cd36f3bb79bcca9bc4678c32f22e59 |
||
This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu. |