|
|
CVE Reference: CVE-2007-3099 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3099 |
|
|
Description: usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss). |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/34944 SUSE http://www.novell.com/linux/security/advisories/2007_17_sr.html ST 1018246 SAID Secunia Advisory: SA26438 Secunia Advisory: SA25749 Secunia Advisory: SA25679 Secunia Advisory: SA26543 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0497.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11595 OSVDB 37269 DEBIAN http://www.debian.org/security/2007/dsa-1314 CONFIRM http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719 BID 24471 |
|
| Return to the previous page. |
