CVSS: 5.0EPSS: 12%CPEs: 15EXPL: 0CVE-2011-0001 – scsi-target-utils: double-free vulnerability leads to pre-authenticated crash
https://notcve.org/view.php?id=CVE-2011-0001
Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information. Vulnerabilidad de doble liberación ("double free") en la función iscsi_rx_handler (usr/iscsi/iscsid.c) del demonio tgt (tgtd) de Linux SCSI target framework (tgt) en versiones anteriores a la 1.0.14 (también conocido como scsi-target-utils). Permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de la aplicación) y posiblemente ejecutar código arbitrario a través de vectores desconocidos. Relacionada con un desbordamiento de buffer durante el login iscsi. • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00005.html http://lists.wpkg.org/pipermail/stgt/2011-March/004473.html http://secunia.com/advisories/43706 http://secunia.com/advisories/43713 http://www.debian.org/security/2011/dsa-2209 http://www.redhat.com/support/errata/RHSA-2011-0332.html http://www.securityfocus.com/bid/46817 http://www.securitytracker.com/id?1025184 http://www.vupen.com/english/advisories/2011/0636 https://bugzilla.redhat.com/attachment. • CWE-399: Resource Management Errors •
CVSS: 6.8EPSS: 56%CPEs: 60EXPL: 0CVE-2010-2221 – scsi-target-utils: stack buffer overflow vulnerability
https://notcve.org/view.php?id=CVE-2010-2221
Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU. Múltiples desbordamientos de búfer en la implementación iSNS en isns.c en (1) Linux SCSI target framework (alias tgt o scsi-target-utils) anterior a v1.0.6, (2) iSCSI Enterprise Target (alias iscsitarget or IET) v1.4.20.1 y anteriores, y (3) Generic SCSI Target Subsystem for Linux (alias SCST or iscsi-scst) v1.0.1.1 y anteriores permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y cuelgue del demonio) o posiblemente ejecutar código arbitrario a través de (a) una cadena de nombre iSCSI largo en un mensaje SCN o (b) un PDU inválido. • http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793 http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793 http://secunia.com/advisories/40485 http:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •