Lucene search

[email protected]NVD:CVE-2010-2221

HistoryJul 08, 2010 - 6:30 p.m.

CVE-2010-2221

2010-07-0818:30:00

CWE-119

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

AI Score

8.1

Confidence

High

EPSS

0.593

Percentile

97.8%

JSON

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Affected configurations

Nvd

Node

zaaltgtRange≤1.0.5

zaaltgtMatch0.9.5

zaaltgtMatch1.0.0

zaaltgtMatch1.0.1

zaaltgtMatch1.0.2

zaaltgtMatch1.0.3

zaaltgtMatch1.0.4

AND

linuxlinux_kernel

Node

arne_redlich_\&_ross_walkeriscsitargetRange≤1.4.20

arne_redlich_\&_ross_walkeriscsitargetMatch0.1.0

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.0

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.1

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.2

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.3

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.4

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.5

arne_redlich_\&_ross_walkeriscsitargetMatch0.2.6

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.0

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.1

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.2

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.3

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.4

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.5

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.6

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.7

arne_redlich_\&_ross_walkeriscsitargetMatch0.3.8

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.0

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.1

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.2

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.3

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.4

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.5

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.6

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.7

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.8

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.9

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.10

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.11

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.12

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.13

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.14

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.15

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.16

arne_redlich_\&_ross_walkeriscsitargetMatch0.4.17

arne_redlich_\&_ross_walkeriscsitargetMatch1.4.18

arne_redlich_\&_ross_walkeriscsitargetMatch1.4.19

Node

vladislav_bolkhovitingeneric_scsi_target_subsystemRange≤1.0.1

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.0a

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.1

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.2

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.3

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.3pre1

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.3pre2

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.3pre4

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.4

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.5

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.5.1

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch0.9.5.2

vladislav_bolkhovitingeneric_scsi_target_subsystemMatch1.0.0

AND

linuxlinux_kernel

VendorProductVersionCPE
zaaltgt*cpe:2.3:a:zaal:tgt:*:*:*:*:*:*:*:*
zaaltgt0.9.5cpe:2.3:a:zaal:tgt:0.9.5:*:*:*:*:*:*:*
zaaltgt1.0.0cpe:2.3:a:zaal:tgt:1.0.0:*:*:*:*:*:*:*
zaaltgt1.0.1cpe:2.3:a:zaal:tgt:1.0.1:*:*:*:*:*:*:*
zaaltgt1.0.2cpe:2.3:a:zaal:tgt:1.0.2:*:*:*:*:*:*:*
zaaltgt1.0.3cpe:2.3:a:zaal:tgt:1.0.3:*:*:*:*:*:*:*
zaaltgt1.0.4cpe:2.3:a:zaal:tgt:1.0.4:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
arne_redlich_\&_ross_walkeriscsitarget*cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:*:*:*:*:*:*:*:*
arne_redlich_\&_ross_walkeriscsitarget0.1.0cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.1.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
zaal	tgt	*	cpe:2.3:a:zaal:tgt::::::::
zaal	tgt	0.9.5	cpe:2.3:a:zaal:tgt:0.9.5:::::::*
zaal	tgt	1.0.0	cpe:2.3:a:zaal:tgt:1.0.0:::::::*
zaal	tgt	1.0.1	cpe:2.3:a:zaal:tgt:1.0.1:::::::*
zaal	tgt	1.0.2	cpe:2.3:a:zaal:tgt:1.0.2:::::::*
zaal	tgt	1.0.3	cpe:2.3:a:zaal:tgt:1.0.3:::::::*
zaal	tgt	1.0.4	cpe:2.3:a:zaal:tgt:1.0.4:::::::*
linux	linux_kernel	*	cpe:2.3:o:linux:linux_kernel::::::::
arne_redlich_\&_ross_walker	iscsitarget	*	cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget::::::::
arne_redlich_\&_ross_walker	iscsitarget	0.1.0	cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.1.0:::::::*