Back to search
CVE-2011-0001
Published: Mar 15, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SR:2011:009
vendor-advisory
x_refsource_SUSE
RHSA-2011:0332
vendor-advisory
x_refsource_REDHAT
ADV-2011-0636
vdb-entry
x_refsource_VUPEN
[stgt] 20110309 [PATCH] iscsi: fix buffer overflow before login
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/attachment.cgi?id=473779&action=diff
x_refsource_MISC
43706
third-party-advisory
x_refsource_SECUNIA
DSA-2209
vendor-advisory
x_refsource_DEBIAN
https://bugzilla.redhat.com/show_bug.cgi?id=667261
x_refsource_CONFIRM
43713
third-party-advisory
x_refsource_SECUNIA
46817
vdb-entry
x_refsource_BID
lstf-iscsirxhandler-dos(66010)
vdb-entry
x_refsource_XF
1025184
vdb-entry
x_refsource_SECTRACK
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now