Mandrake Local Security Checks : Mandriva Security Advisory MDVSA-2010:131 (iscsitarget)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.67675

Categoría: Mandrake Local Security Checks

Título: Mandriva Security Advisory MDVSA-2010:131 (iscsitarget)

Resumen: NOSUMMARY

Descripción: Description:
The remote host is missing an update to iscsitarget
announced via advisory MDVSA-2010:131.

Multiple format string and buffer overflow vulnerabilities has been
found and corrected in iscsitarget (CVE-2010-0743, CVE-2010-2221).

The updated packages have been patched to correct these issues.

Affected: Enterprise Server 5.0

Solution:
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:131

Risk factor : Medium

CVSS Score:
5.0

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2010-0743
39127
http://www.securityfocus.com/bid/39127
39142
http://secunia.com/advisories/39142
39726
http://secunia.com/advisories/39726
ADV-2010-1786
http://www.vupen.com/english/advisories/2010/1786
DSA-2042
http://www.debian.org/security/2010/dsa-2042
MDVSA-2010:131
http://www.mandriva.com/security/advisories?name=MDVSA-2010:131
SUSE-SR:2010:017
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
[oss-security] 20100331 iscsitarget/scsi-target-tuils format string CVE assignment
http://marc.info/?l=oss-security&m=127005132403189&w=2
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935
http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git%3Ba=commit%3Bh=107d922706cd36f3bb79bcca9bc4678c32f22e59
https://bugzilla.redhat.com/show_bug.cgi?id=576359
lstf-isns-format-string(57496)
https://exchange.xforce.ibmcloud.com/vulnerabilities/57496
oval:org.mitre.oval:def:11248
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11248
Common Vulnerability Exposure (CVE) ID: CVE-2010-2221
1024175
http://www.securitytracker.com/id?1024175
20100702 TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow
http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html
http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html
40485
http://secunia.com/advisories/40485
40494
http://secunia.com/advisories/40494
40495
http://secunia.com/advisories/40495
41327
http://www.securityfocus.com/bid/41327
65990
http://www.osvdb.org/65990
65991
http://www.osvdb.org/65991
65992
http://www.osvdb.org/65992
ADV-2010-1760
http://www.vupen.com/english/advisories/2010/1760
RHSA-2010:0518
http://www.redhat.com/support/errata/RHSA-2010-0518.html
[iscsitarget-devel] 20100701 [patch] fix iSNS bounds checking
http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel
[stgt] 20100701 1.0.6 released
http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html
http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793
http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793
https://bugzilla.redhat.com/show_bug.cgi?id=593877

Copyright Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.67675
Categoría:	Mandrake Local Security Checks
Título:	Mandriva Security Advisory MDVSA-2010:131 (iscsitarget)
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing an update to iscsitarget announced via advisory MDVSA-2010:131. Multiple format string and buffer overflow vulnerabilities has been found and corrected in iscsitarget (CVE-2010-0743, CVE-2010-2221). The updated packages have been patched to correct these issues. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. https://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2010:131 Risk factor : Medium CVSS Score: 5.0
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0743 39127 http://www.securityfocus.com/bid/39127 39142 http://secunia.com/advisories/39142 39726 http://secunia.com/advisories/39726 ADV-2010-1786 http://www.vupen.com/english/advisories/2010/1786 DSA-2042 http://www.debian.org/security/2010/dsa-2042 MDVSA-2010:131 http://www.mandriva.com/security/advisories?name=MDVSA-2010:131 SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100331 iscsitarget/scsi-target-tuils format string CVE assignment http://marc.info/?l=oss-security&m=127005132403189&w=2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935 http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git%3Ba=commit%3Bh=107d922706cd36f3bb79bcca9bc4678c32f22e59 https://bugzilla.redhat.com/show_bug.cgi?id=576359 lstf-isns-format-string(57496) https://exchange.xforce.ibmcloud.com/vulnerabilities/57496 oval:org.mitre.oval:def:11248 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11248 Common Vulnerability Exposure (CVE) ID: CVE-2010-2221 1024175 http://www.securitytracker.com/id?1024175 20100702 TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html 40485 http://secunia.com/advisories/40485 40494 http://secunia.com/advisories/40494 40495 http://secunia.com/advisories/40495 41327 http://www.securityfocus.com/bid/41327 65990 http://www.osvdb.org/65990 65991 http://www.osvdb.org/65991 65992 http://www.osvdb.org/65992 ADV-2010-1760 http://www.vupen.com/english/advisories/2010/1760 RHSA-2010:0518 http://www.redhat.com/support/errata/RHSA-2010-0518.html [iscsitarget-devel] 20100701 [patch] fix iSNS bounds checking http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel [stgt] 20100701 1.0.6 released http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793 http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793 https://bugzilla.redhat.com/show_bug.cgi?id=593877
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com