|
|
CVE Reference: CVE-2007-3100 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-3100 |
|
|
Description: usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/34943 SUSE http://www.novell.com/linux/security/advisories/2007_17_sr.html ST 1018246 SAID Secunia Advisory: SA26543 Secunia Advisory: SA26438 Secunia Advisory: SA25679 Secunia Advisory: SA25749 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0497.html OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10653 DEBIAN http://www.debian.org/security/2007/dsa-1314 CONFIRM http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html http://svn.berlios.de/viewcvs/open-iscsi?rev=858&view=rev http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719 BID 24471 |
|
| Return to the previous page. |
