Vulnerability CVE-2011-0001

Vulnerability Name:

CVE-2011-0001 (CCN-66010)

Assigned:

2010-12-07

Published:

2011-03-09

Updated:

2017-08-17

Summary:

Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login.
Note: some of these details are obtained from third party information.

CVSS v3 Severity:

5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

5.0 Medium (REDHAT CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
3.7 Low (REDHAT Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-399

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2011-0001

Source: SUSE
Type: UNKNOWN
SUSE-SR:2011:009

Source: MLIST
Type: Patch
[stgt] 20110309 [PATCH] iscsi: fix buffer overflow before login

Source: CCN
Type: RHSA-2011-0332
Important: scsi-target-utils security update

Source: SECUNIA
Type: Vendor Advisory
43706

Source: CCN
Type: SA43713
Linux SCSI target framework (tgt) iscsi_rx_handler() Vulnerability

Source: SECUNIA
Type: Vendor Advisory
43713

Source: DEBIAN
Type: UNKNOWN
DSA-2209

Source: DEBIAN
Type: DSA-2209
tgt -- double free

Source: CCN
Type: OSVDB ID: 74916
Linux SCSI Target Framework (tgt) tgt daemon (tgtd) iscsi_rx_handler() Function Double-free

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0332

Source: BID
Type: UNKNOWN
46817

Source: CCN
Type: BID-46817
Red Hat scsi-target-utils TGT Daemon Remote Denial of Service Vulnerability

Source: SECTRACK
Type: UNKNOWN
1025184

Source: VUPEN
Type: Vendor Advisory
ADV-2011-0636

Source: MISC
Type: Patch
https://bugzilla.redhat.com/attachment.cgi?id=473779&action=diff

Source: CCN
Type: Red Hat Bugzilla Bug 667261
CVE-2011-0001 scsi-target-utils: double-free vulnerability leads to pre-authenticated crash

Source: CONFIRM
Type: Patch
https://bugzilla.redhat.com/show_bug.cgi?id=667261

Source: XF
Type: UNKNOWN
lstf-iscsirxhandler-dos(66010)

Source: XF
Type: UNKNOWN
lstf-iscsirxhandler-dos(66010)

Source: SUSE
Type: SUSE-SR:2011:009
SUSE Security Summary Report

Vulnerable Configuration:

Configuration 1:

cpe:/a:zaal:tgt:0.9.5:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.0:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.1:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.2:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.3:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.4:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.5:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.6:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.7:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.8:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.9:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.10:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.11:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:1.0.12:*:*:*:*:*:*:*

OR cpe:/a:zaal:tgt:*:*:*:*:*:*:*:* (Version <= 1.0.13)

Configuration RedHat 1:

cpe:/a:redhat:rhel_cluster_storage:5:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/o:redhat:enterprise_linux:6:*:*:*:*:*:*:*

Configuration RedHat 3:

cpe:/o:redhat:enterprise_linux:6::server:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:6::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:redhat:rhel_cluster_storage:5:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:server:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6:*:workstation:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20110001	V	CVE-2011-0001	2022-05-20
oval:org.opensuse.security:def:26226	P	Security update for openexr (Important)	2022-01-12
oval:org.opensuse.security:def:32289	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:31755	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:30279	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:42241	P	Security update for mozilla-nss (Important)	2021-12-06
oval:org.opensuse.security:def:26173	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:32231	P	Security update for clamav (Moderate)	2021-12-01
oval:org.opensuse.security:def:31313	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:32228	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:31301	P	Security update for samba (Important)	2021-11-19
oval:org.opensuse.security:def:31302	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-11-19
oval:org.opensuse.security:def:26160	P	Security update for binutils (Moderate)	2021-11-09
oval:org.opensuse.security:def:29437	P	Security update for postgresql10 (Important)	2021-10-20
oval:org.opensuse.security:def:26145	P	Security update for the Linux Kernel (Important)	2021-10-12
oval:org.opensuse.security:def:32179	P	Security update for libesmtp (Important)	2021-09-02
oval:org.opensuse.security:def:26116	P	Security update for apache2 (Important)	2021-09-02
oval:org.opensuse.security:def:31668	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:26102	P	Security update for php72 (Important)	2021-08-06
oval:org.opensuse.security:def:32971	P	Security update for dbus-1 (Important)	2021-08-02
oval:org.opensuse.security:def:33690	P	Security update for linuxptp (Important)	2021-07-21
oval:org.opensuse.security:def:32144	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-07-21
oval:org.opensuse.security:def:32123	P	Security update for xterm (Important)	2021-06-18
oval:org.opensuse.security:def:32121	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:42718	P	tgt-0.9.10-0.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:36311	P	tgt-0.9.10-0.17.1 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:33646	P	Security update for avahi (Important)	2021-06-03
oval:org.opensuse.security:def:26064	P	Security update for libwebp (Critical)	2021-06-02
oval:org.opensuse.security:def:26063	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:32087	P	Security update for cups (Important)	2021-04-30
oval:org.opensuse.security:def:31611	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:32077	P	Security update for the Linux Kernel (Live Patch 35 for SLE 12 SP3) (Important)	2021-04-28
oval:org.opensuse.security:def:29491	P	Security update for MozillaFirefox (Important)	2021-03-31
oval:org.opensuse.security:def:32267	P	Security update for grub2 (Important)	2021-03-02
oval:org.opensuse.security:def:26202	P	Security update for MozillaFirefox (Important)	2021-03-01
oval:org.opensuse.security:def:33080	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:31731	P	Security update for java-1_7_1-ibm (Important)	2021-02-18
oval:org.opensuse.security:def:32945	P	Security update for mutt (Moderate)	2021-01-22
oval:org.opensuse.security:def:28925	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:33010	P	Security update for java-1_8_0-ibm (Moderate)	2021-01-05
oval:org.opensuse.security:def:32016	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:33622	P	Security update for openssl-1_1 (Important)	2020-12-10
oval:org.opensuse.security:def:34328	P	Security update for the Linux Kernel (Important)	2020-12-09
oval:org.opensuse.security:def:36047	P	tgt-0.9.10-0.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:35834	P	tgt-0.9.10-0.15.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:42454	P	tgt-0.9.10-0.17.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:28856	P	Security update for python3 (Important)	2020-12-02
oval:org.opensuse.security:def:31778	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:33534	P	Security update for ConsoleKit	2020-12-01
oval:org.opensuse.security:def:32854	P	enscript on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33477	P	Security update for openLDAP	2020-12-01
oval:org.opensuse.security:def:25384	P	Security update for java-1_7_1-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:25588	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25961	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26328	P	used on wotan :) (Low)	2020-12-01
oval:org.opensuse.security:def:25672	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:26022	P	Security update for icu (Moderate)	2020-12-01
oval:org.opensuse.security:def:26578	P	lcms on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27309	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25872	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:29540	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:28845	P	Security update for wireshark (Moderate)	2020-12-01
oval:org.opensuse.security:def:29142	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31519	P	Security update for sendmail	2020-12-01
oval:org.opensuse.security:def:31911	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31599	P	Security update for tiff (Low)	2020-12-01
oval:org.opensuse.security:def:31967	P	Security update for intel-SINIT (Important)	2020-12-01
oval:org.opensuse.security:def:32531	P	ipsec-tools on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33274	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31789	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:33583	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:32855	P	evince on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33175	P	libpulse-browse0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26798	P	pam_ldap on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25385	P	Security update for MozillaFirefox (Moderate)	2020-12-01
oval:org.opensuse.security:def:25669	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26014	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:26372	P	Recommended update for geotiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:25596	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:25800	P	Security update for polkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:26592	P	libneon27 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25936	P	Security update for libreoffice (Moderate)	2020-12-01
oval:org.opensuse.security:def:26286	P	Security update for libcdio (Low)	2020-12-01
oval:org.opensuse.security:def:29579	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30316	P	Security update for tgt	2020-12-01
oval:org.opensuse.security:def:29199	P	Security update for openssh (Important)	2020-12-01
oval:org.opensuse.security:def:32759	P	openvpn on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:32333	P	Security update for samba (Moderate)	2020-12-01
oval:org.opensuse.security:def:31513	P	Security update for quagga	2020-12-01
oval:org.opensuse.security:def:32553	P	libicu-32bit on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31863	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:34368	P	Security update for tgt	2020-12-01
oval:org.opensuse.security:def:32866	P	g3utils on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33232	P	perl-spamassassin on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26833	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25396	P	Security update for perl-DBI (Important)	2020-12-01
oval:org.opensuse.security:def:25726	P	Security update for python36 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26275	P	Security update for freerdp (Important)	2020-12-01
oval:org.opensuse.security:def:27010	P	pcsc-lite on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25597	P	Security update for squid (Critical)	2020-12-01
oval:org.opensuse.security:def:25881	P	Security update for flash-player (Important)	2020-12-01
oval:org.opensuse.security:def:26636	P	rsync on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25860	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:26437	P	Security update for enigmail (Important)	2020-12-01
oval:org.opensuse.security:def:29597	P	Security update for atftp (Important)	2020-12-01
oval:org.opensuse.security:def:29284	P	Security update for xorg-x11-server (Important)	2020-12-01
oval:org.opensuse.security:def:32055	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:32798	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31514	P	Security update for quagga (Moderate)	2020-12-01
oval:org.opensuse.security:def:31823	P	Security update for bash (Moderate)	2020-12-01
oval:org.opensuse.security:def:32443	P	Security update for xen (Moderate)	2020-12-01
oval:org.opensuse.security:def:32597	P	puppet on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:31777	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:31995	P	Security update for java-1_7_1-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32387	P	Security update for tomcat6 (Moderate)	2020-12-01
oval:org.opensuse.security:def:33320	P	wget-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25460	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:25810	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26314	P	Security update for iperf (Moderate)	2020-12-01
oval:org.opensuse.security:def:27045	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25608	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:25938	P	Security update for evince (Important)	2020-12-01
oval:org.opensuse.security:def:26539	P	emacs on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27274	P	puppet on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:25861	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26490	P	Security update for pdns (Moderate)	2020-12-01
oval:org.opensuse.security:def:29641	P	Security update for ctags (Moderate)	2020-12-01
oval:org.opensuse.security:def:28844	P	Security update for wireshark	2020-12-01
oval:org.opensuse.security:def:29056	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:31387	P	Security update for openvpn-openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:31525	P	Security update for rsyslog	2020-12-01
oval:org.opensuse.security:def:31880	P	Security update for dhcpcd (Important)	2020-12-01
oval:org.opensuse.security:def:32492	P	boost-license on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33235	P	powerpc-utils on GA media (Moderate)	2020-12-01
oval:org.mitre.oval:def:21847	P	RHSA-2011:0332: scsi-target-utils security update (Important)	2015-03-09
oval:org.mitre.oval:def:13545	P	USN-1156-1 -- tgt vulnerabilities	2014-06-30
oval:org.mitre.oval:def:12861	P	DSA-2209-1 tgt -- double free	2014-06-23
oval:org.mitre.oval:def:23633	P	ELSA-2011:0332: scsi-target-utils security update (Important)	2014-05-26
oval:com.ubuntu.precise:def:20110001000	V	CVE-2011-0001 on Ubuntu 12.04 LTS (precise) - medium.	2011-03-15
oval:com.redhat.rhsa:def:20110332	P	RHSA-2011:0332: scsi-target-utils security update (Important)	2011-03-09

BACK