Oval Definition:	oval:org.mitre.oval:def:21847
Revision Date: 2015-03-09 Version: 12 Title: RHSA-2011:0332: scsi-target-utils security update (Important) Description: Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information. Family: unix Class: patch Status: ACCEPTED Reference(s): CESA-2011:0332-CentOS 5 CVE-2011-0001 RHSA-2011:0332-01 Platform(s): CentOS Linux 5 Red Hat Enterprise Linux 6 Product(s): scsi-target-utils Definition Synopsis Red Hat Enterprise Linux 6 release section The operating system installed on the system is Red Hat Enterprise Linux 6 AND Packages match section scsi-target-utils is earlier than 0:1.0.4-3.el6_0.1 OR scsi-target-utils-debuginfo is earlier than 0:1.0.4-3.el6_0.1 CentOS Linux 5 release section The operating system installed on the system is CentOS Linux 5.x AND scsi-target-utils is earlier than 0:1.0.8-0.el5_6.1
BACK