iSCSI target Multiple Implementations iSNS Stack Buffer Overflow
TSL ID: FSC20100701-01
iSCSI Enterprise Project iscsitarget 1.4.20.1 and prior
SCST project iscsi-scst 1.0.1.1 and prior
tgt project tgt 1.0.5 and prior
References:
http://iscsitarget.sourceforge.net/
http://scst.sourceforge.net/
http://stgt.sourceforge.net/
A stack buffer overflow vulnerability exist in iscsitarget, an open implementation of iSCSI Enterprise
Target. The vulnerability is caused by insufficient boundary checking while processing iSNS messages. A remote
attacker can leverage this vulnerability to inject and execute arbitrary code on a vulnerable system.
Successful exploitation of this vulnerability can result in a complete compromise of the target system. In an
unsuccessful attack attempt, the vulnerable system may abnormally terminate.
TELUS Security Labs has confirmed the vulnerability in:
iSCSI Enterprise Project iscsitarget 1.4.20.1 and prior
SCST project iscsi-scst 1.0.1.1 and prior
tgt project tgt 1.0.5 and prior
Disable or uninstall the affected module.
Patches have been made available to eliminate this vulnerability:
2010-05-18 Reported to vendor
2010-05-18 Initial vendor response
2010-07-01 Coordinated public disclosure
Vulnerability Research Team, TELUS Security Labs
CVE: CVE-2010-2221
Vendor: Not available
TELUS Security Labs, formerly Assurent Secure Technologies is the leading provider of security research. Our
research services include:
* Vulnerability Research
* Malware Research
* Signature Development
* Shellcode Exploit Development
* Application Protocols
* Product Security Testing
* Security Content Development (parsers, reports, alerts)
TELUS Security Labs provides a specialized portfolio of services to assist security product vendors with
newly discovered commercial product vulnerabilities and malware attacks. Many of our services are provided on
a subscription basis to reduce research costs for our customers. Over 50 of the world's leading security
product vendors rely on TELUS Security Labs research.