QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-2221

Back to search

CVE-2010-2221

Published: Jul 8, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

VendorProductVersions

n/a

n/a

affected
n/a

References

ADV-2010-1760
vdb-entry
x_refsource_VUPEN
65992
vdb-entry
x_refsource_OSVDB
MDVSA-2010:131
vendor-advisory
x_refsource_MANDRIVA
65990
vdb-entry
x_refsource_OSVDB
41327
vdb-entry
x_refsource_BID
RHSA-2010:0518
vendor-advisory
x_refsource_REDHAT
65991
vdb-entry
x_refsource_OSVDB
40485
third-party-advisory
x_refsource_SECUNIA
[stgt] 20100701 1.0.6 released
mailing-list
x_refsource_MLIST
SUSE-SR:2010:017
vendor-advisory
x_refsource_SUSE
40494
third-party-advisory
x_refsource_SECUNIA
ADV-2010-1786
vdb-entry
x_refsource_VUPEN
1024175
vdb-entry
x_refsource_SECTRACK
40495
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now