CVE-2010-2221
Published Jul 8, 2010
Last updated 2 years ago
Overview
- Description
- Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.
- Source
- secalert@redhat.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-119
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zaal:tgt:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6ED33EC-4BA9-4F13-BF44-CF5BC683C9CA",
"versionEndIncluding": "1.0.5"
},
{
"criteria": "cpe:2.3:a:zaal:tgt:0.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9432FC9D-F4C3-489F-8F40-ACFE3F2F913E"
},
{
"criteria": "cpe:2.3:a:zaal:tgt:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10650430-4013-4932-9B0D-548B335AB776"
},
{
"criteria": "cpe:2.3:a:zaal:tgt:1.0.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "95C41F32-2D11-4577-9AB3-3E8FF703164A"
},
{
"criteria": "cpe:2.3:a:zaal:tgt:1.0.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FCB267C5-AD43-4E4C-8639-4B3A69AADC99"
},
{
"criteria": "cpe:2.3:a:zaal:tgt:1.0.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8DACB776-1C50-458F-A062-21271A039EF9"
},
{
"criteria": "cpe:2.3:a:zaal:tgt:1.0.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "52C89B83-9C97-494F-961D-226C5808AD16"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8EC28CD2-2A3E-450F-B1B6-B9AE76CD58CD",
"versionEndIncluding": "1.4.20"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.1.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "070A8F63-74EC-45B6-9E3A-49E168831CD7"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BEDBF14B-C4E2-4807-8AE4-04C5C74A9103"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5A418E0B-A202-4F45-8A3E-9CE9C2276E93"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3871CAE-1334-46CF-938D-3BA734DA4EC1"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0273C88A-903C-4E7B-8DAF-99CC7F54FA36"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C36FD91D-C7D5-4624-9908-E914BFE9EFDD"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E522858E-FC70-4863-BAEC-48BD683431FC"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.2.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1F368119-5F77-4F90-B699-060A2390C743"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2407E59F-E349-4334-8B0D-8ECC37DF6F1F"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28DBD446-065B-48B8-BA84-2BA8696F846A"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58B93327-B705-4D89-90F9-BBCF116675AB"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "92511964-6F24-470A-BC66-8D04F1761D3B"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "597A39BF-EC98-4E60-8D92-347066275743"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "906011E5-3C94-43CF-9808-E2CC1029D463"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "45E98D0E-64DB-4CC0-A390-720D59BF96D4"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A63A3A1F-F25D-4C31-A969-465808892D69"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8C8E822-3C4C-4887-937D-C6C0ED99A173"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0E7810B1-634E-4471-98B2-8C61B915CE21"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "762953AB-E7B7-4B92-8B90-F2A3ECB52CC1"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C2B148C5-21FC-4287-B984-0B3C447BA775"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2A54B06A-57DC-4B2D-9988-E8ADE4AABC9B"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E4BEC42A-F9DE-4256-8B1F-601AD737E0FE"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6A30DC66-FB34-46B8-BAB7-FA35B51EFAB2"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FAA40BC5-984A-4CF4-B46E-2FF9A32FAE22"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D7B84D8-DFCB-4602-A133-1EAEE38EBEB8"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "53419B63-B995-4218-948B-67B2955555AF"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E67CBEB0-2849-481D-9372-DCEDDAE24518"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB838058-95B7-4624-AC31-4C041D394A8E"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AC9AD8F6-4D75-4828-9944-E7821E1F5CB9"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.12:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AAC345FF-492F-44A0-8D6C-3D3FC4EBAAC7"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.13:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3843296-FD7A-44C6-AC3F-155587863320"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.14:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "572DEE8B-C9A2-4F33-8073-EBF429A2FAA4"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.15:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "191B87E6-9DB8-4015-83FB-627C127AD491"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.16:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3FA49BB2-45D7-4247-974F-D45037D325A8"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:0.4.17:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2E5C743A-DDEF-4A59-BD59-37019AB6C7CF"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:1.4.18:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDA2941A-361A-4C29-B0CB-971ECCA2E1A7"
},
{
"criteria": "cpe:2.3:a:arne_redlich_\\&_ross_walker:iscsitarget:1.4.19:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "29DAB457-CBFF-422F-B70E-DBF0F6FE1CD9"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1880CEA6-0EDF-4287-BBEB-1B741C2D7D2D",
"versionEndIncluding": "1.0.1"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.0a:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F530E9D-B602-46BF-A7BE-D81C64446EB9"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EA14555B-340A-47C2-B577-00110791E933"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9F3FB5FA-9533-49EA-A577-F7B06E636EE3"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "085904E8-5955-4216-8380-F4FCF669FF9F"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:pre1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E5F2A5FB-767F-419E-972A-FF8961704FA5"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:pre2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1DF32A33-B344-4518-A731-375522269976"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:pre4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "86BDFE67-AE54-4F1C-ADA4-7F5B01E5CEA9"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.4:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "31B056DF-7A76-4C83-842B-1C0CEEA94B40"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "82A6E0F2-F0B7-4C51-81F8-B828AE2380EA"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.5.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7E20D280-2319-43CC-87A7-E6D0AAD5C80A"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.5.2:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9A435084-5FFC-4DBE-A9FF-D0417229AB17"
},
{
"criteria": "cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:1.0.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DFE0B048-84D3-493B-865E-FD12DE84574F"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]