(RHSA-2010:0362) Important: scsi-target-utils security update

2010-04-2000:00:00

access.redhat.com

EPSS

0.658

Percentile

97.9%

JSON

The scsi-target-utils package contains the daemon and tools to set up and
monitor SCSI targets. Currently, iSCSI software and iSER targets are
supported.

A format string flaw was found in scsi-target-utils’ tgtd daemon. A
remote attacker could trigger this flaw by sending a carefully-crafted
Internet Storage Name Service (iSNS) request, causing the tgtd daemon to
crash. (CVE-2010-0743)

All scsi-target-utils users should upgrade to this updated package, which
contains a backported patch to correct this issue. All running
scsi-target-utils services must be restarted for the update to take effect.

OSVersionArchitecturePackageVersionFilename
RedHat5i386scsi-target-utils< 0.0-6.20091205snap.el5_5.2scsi-target-utils-0.0-6.20091205snap.el5_5.2.i386.rpm
RedHat5ia64scsi-target-utils< 0.0-6.20091205snap.el5_5.2scsi-target-utils-0.0-6.20091205snap.el5_5.2.ia64.rpm
RedHat5srcscsi-target-utils< 0.0-6.20091205snap.el5_5.2scsi-target-utils-0.0-6.20091205snap.el5_5.2.src.rpm
RedHat5x86_64scsi-target-utils< 0.0-6.20091205snap.el5_5.2scsi-target-utils-0.0-6.20091205snap.el5_5.2.x86_64.rpm
RedHat5ppcscsi-target-utils< 0.0-6.20091205snap.el5_5.2scsi-target-utils-0.0-6.20091205snap.el5_5.2.ppc.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	5	i386	scsi-target-utils	< 0.0-6.20091205snap.el5_5.2	scsi-target-utils-0.0-6.20091205snap.el5_5.2.i386.rpm
RedHat	5	ia64	scsi-target-utils	< 0.0-6.20091205snap.el5_5.2	scsi-target-utils-0.0-6.20091205snap.el5_5.2.ia64.rpm
RedHat	5	src	scsi-target-utils	< 0.0-6.20091205snap.el5_5.2	scsi-target-utils-0.0-6.20091205snap.el5_5.2.src.rpm
RedHat	5	x86_64	scsi-target-utils	< 0.0-6.20091205snap.el5_5.2	scsi-target-utils-0.0-6.20091205snap.el5_5.2.x86_64.rpm
RedHat	5	ppc	scsi-target-utils	< 0.0-6.20091205snap.el5_5.2	scsi-target-utils-0.0-6.20091205snap.el5_5.2.ppc.rpm