Lucene search

Ubuntu.comUB:CVE-2010-2221

HistoryJul 08, 2010 - 12:00 a.m.

CVE-2010-2221

2010-07-0800:00:00

ubuntu.com

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.593

Percentile

97.8%

JSON

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux
SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2)
iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and
(3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst)
1.0.1.1 and earlier allow remote attackers to cause a denial of service
(memory corruption and daemon crash) or possibly execute arbitrary code via
(a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Bugs

<https://bugzilla.redhat.com/show_bug.cgi?id=593877>

OSVersionArchitecturePackageVersionFilename
ubuntu10.10noarchtgt< 1:1.0.4-1ubuntu4.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.10	noarch	tgt	< 1:1.0.4-1ubuntu4.1	UNKNOWN

References

archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html

launchpad.net/bugs/cve/CVE-2010-2221

nvd.nist.gov/vuln/detail/CVE-2010-2221

security-tracker.debian.org/tracker/CVE-2010-2221

ubuntu.com/security/notices/USN-1156-1

www.cve.org/CVERecord?id=CVE-2010-2221

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

EPSS

0.593

Percentile

97.8%

JSON

Related for UB:CVE-2010-2221