CVE-2007-3100 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-3100
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-3100

Description: usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/34943 SUSE http://www.novell.com/linux/security/advisories/2007_17_sr.html ST 1018246 SAID Secunia Advisory: SA25679 Secunia Advisory: SA25749 Secunia Advisory: SA26438 Secunia Advisory: SA26543 REDHAT http://www.redhat.com/support/errata/RHSA-2007-0497.html DEBIAN http://www.debian.org/security/2007/dsa-1314 CONFIRM http://svn.berlios.de/viewcvs/open-iscsi?rev=858&view=rev http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719 BID 24471

Return to the previous page.