Executive Summary

Summary
Title scsi-target-utils security update
Informations
Name RHSA-2011:0332 First vendor Publication 2011-03-09
Vendor RedHat Last vendor Modification 2011-03-09
Severity (Vendor) Important Revision 01

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Cvss Base Score 5 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Problem Description:

An updated scsi-target-utils package that fixes one security issue is now available for Red Hat Enterprise Linux 5 and 6.

The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

RHEL Cluster-Storage (v. 5 server) - i386, ia64, ppc, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64

3. Description:

The scsi-target-utils package contains the daemon and tools to set up and monitor SCSI targets. Currently, iSCSI software and iSER targets are supported.

A double-free flaw was found in scsi-target-utils' tgtd daemon. A remote attacker could trigger this flaw by sending carefully-crafted network traffic, causing the tgtd daemon to crash. (CVE-2011-0001)

Red Hat would like to thank Emmanuel Bouillon of NATO C3 Agency for reporting this issue.

All scsi-target-utils users should upgrade to this updated package, which contains a backported patch to correct this issue. All running scsi-target-utils services must be restarted for the update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

667261 - CVE-2011-0001 scsi-target-utils: double-free vulnerability leads to pre-authenticated crash

Original Source

Url : https://rhn.redhat.com/errata/RHSA-2011-0332.html

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:12861
 
Oval ID: oval:org.mitre.oval:def:12861
Title: DSA-2209-1 tgt -- double free
Description: Emmanuel Bouillon discovered a double free in tgt, the Linux SCSI target user-space tools, which could lead to denial of service. The oldstable distribution doesn't include tgt.
Family: unix Class: patch
Reference(s): DSA-2209-1
CVE-2011-0001
 Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
 Product(s): tgt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13545
 
Oval ID: oval:org.mitre.oval:def:13545
Title: USN-1156-1 -- tgt vulnerabilities
Description: tgt: Linux SCSI target user-space tools An attacker could send crafted input to tgt and cause it to crash or run arbitrary programs.
Family: unix Class: patch
Reference(s): USN-1156-1
CVE-2010-2221
CVE-2011-0001
 Version: 5
Platform(s): Ubuntu 11.04
Ubuntu 10.10
 Product(s): tgt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21847
 
Oval ID: oval:org.mitre.oval:def:21847
Title: RHSA-2011:0332: scsi-target-utils security update (Important)
Description: Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): RHSA-2011:0332-01
CVE-2011-0001
CESA-2011:0332-CentOS 5
 Version: 6
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 5
 Product(s): scsi-target-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23633
 
Oval ID: oval:org.mitre.oval:def:23633
Title: ELSA-2011:0332: scsi-target-utils security update (Important)
Description: Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information.
Family: unix Class: patch
Reference(s): ELSA-2011:0332-01
CVE-2011-0001
 Version: 6
Platform(s): Oracle Linux 6
 Product(s): scsi-target-utils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27751
 
Oval ID: oval:org.mitre.oval:def:27751
Title: DEPRECATED: ELSA-2011-0332 -- scsi-target-utils security update (important)
Description: [1.0.4-3.1] - fix the buffer overflow bug before iscsi login (CVE-2011-0001)
Family: unix Class: patch
Reference(s): ELSA-2011-0332
CVE-2011-0001
 Version: 4
Platform(s): Oracle Linux 5
Oracle Linux 6
 Product(s): scsi-target-utils
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 14

OpenVAS Exploits

Date Description
2012-07-30 Name : CentOS Update for scsi-target-utils CESA-2011:0332 centos5 x86_64
File : nvt/gb_CESA-2011_0332_scsi-target-utils_centos5_x86_64.nasl
2012-06-06 Name : RedHat Update for scsi-target-utils RHSA-2011:0332-01
File : nvt/gb_RHSA-2011_0332-01_scsi-target-utils.nasl
2011-08-09 Name : CentOS Update for scsi-target-utils CESA-2011:0332 centos5 i386
File : nvt/gb_CESA-2011_0332_scsi-target-utils_centos5_i386.nasl
2011-07-18 Name : Fedora Update for scsi-target-utils FEDORA-2011-8930
File : nvt/gb_fedora_2011_8930_scsi-target-utils_fc14.nasl
2011-07-12 Name : Fedora Update for scsi-target-utils FEDORA-2011-8890
File : nvt/gb_fedora_2011_8890_scsi-target-utils_fc15.nasl
2011-06-24 Name : Ubuntu Update for tgt USN-1156-1
File : nvt/gb_ubuntu_USN_1156_1.nasl
2011-05-12 Name : Debian Security Advisory DSA 2209-1 (tgt)
File : nvt/deb_2209_1.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
74916 Linux SCSI Target Framework (tgt) tgt daemon (tgtd) iscsi_rx_handler() Functi...

Nessus® Vulnerability Scanner

Date Description
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2011-0332.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20110309_scsi_target_utils_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2011-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8930.nasl - Type : ACT_GATHER_INFO
2011-07-11 Name : The remote Fedora host is missing a security update.
File : fedora_2011-8890.nasl - Type : ACT_GATHER_INFO
2011-06-21 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1156-1.nasl - Type : ACT_GATHER_INFO
2011-05-04 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_tgt-110418.nasl - Type : ACT_GATHER_INFO
2011-04-15 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2011-0332.nasl - Type : ACT_GATHER_INFO
2011-04-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2209.nasl - Type : ACT_GATHER_INFO
2011-03-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0332.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
Date Informations
2014-02-17 11:54:27
  • Multiple Updates