Oval Definition:	oval:com.ubuntu.precise:def:20102221000
Revision Date: 2010-07-08 Version: 1 Title: CVE-2010-2221 on Ubuntu 12.04 LTS (precise) - medium. Description: Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU. Family: unix Class: vulnerability Status: Reference(s): CVE-2010-2221 Platform(s): Ubuntu 12.04 LTS Product(s): Definition Synopsis Ubuntu 12.04 LTS (precise) is installed. AND Package Information The 'iscsitarget' package in precise is affected and needs fixing. OR NOT While related to the CVE in some way, the 'tgt' package in precise is not affected (note: '1:1.0.13-0ubuntu2').
BACK