Back to search
CVE-2010-0743
Published: Apr 8, 2010
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) 1.0.3, 0.9.5, and earlier and (2) iSCSI Enterprise Target (aka iscsitarget) 0.4.16 allow remote attackers to cause a denial of service (tgtd daemon crash) or possibly have unspecified other impact via vectors that involve the isns_attr_query and qry_rsp_handle functions, and are related to (a) client appearance and (b) client disappearance messages.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
lstf-isns-format-string(57496)
vdb-entry
x_refsource_XF
https://bugzilla.redhat.com/show_bug.cgi?id=576359
x_refsource_CONFIRM
MDVSA-2010:131
vendor-advisory
x_refsource_MANDRIVA
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935
x_refsource_CONFIRM
oval:org.mitre.oval:def:11248
vdb-entry
signature
x_refsource_OVAL
39142
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20100331 iscsitarget/scsi-target-tuils format string CVE assignment
mailing-list
x_refsource_MLIST
39127
vdb-entry
x_refsource_BID
SUSE-SR:2010:017
vendor-advisory
x_refsource_SUSE
DSA-2042
vendor-advisory
x_refsource_DEBIAN
ADV-2010-1786
vdb-entry
x_refsource_VUPEN
39726
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now