Vulnerability Details : CVE-2010-2221


CVE Name: CVE-2010-2221: Code Execution, Dos, Memory Corruption vulnerability on Zaal Tgt, Linux Linux Kernel, Arne Redlich & Ross Walker Iscsitarget, Vladislav Bolkhovitin Generic Scsi Target Subsystem
Description: Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.
Publish date: 2010-07-08T18:30Z
Last Update: 2010-09-30T06:01Z

CVSS Scores & Vulnerability Types


CVSS Score
Confidentiality ImpactNONE
Integrity ImpactNONE
Availability ImpactPARTIAL
Actack VectorNETWORK
Actack ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
ScopeNo info
Vulnerability Type(s)Code Execution, Dos, Memory Corruption
CWE ID119

Products Affected By CVE-2010-2221


Detail of Verions Affected


# Product Type Vendor Product Version
1 Application Zaal Tgt 1.0.1
2 Application Zaal Tgt 1.0.2
3 Application Zaal Tgt 1.0.0
4 Application Zaal Tgt 1.0.3
5 Application Zaal Tgt 0.9.5
6 Application Zaal Tgt 1.0.4
7 Application Zaal Tgt *
8 Operating System Linux Linux Kernel *
9 Application Arne Redlich & Ross Walker Iscsitarget 1.4.19
10 Application Arne Redlich & Ross Walker Iscsitarget 1.4.18
11 Application Arne Redlich & Ross Walker Iscsitarget 0.4.11
12 Application Arne Redlich & Ross Walker Iscsitarget 0.4.10
13 Application Arne Redlich & Ross Walker Iscsitarget 0.4.3
14 Application Arne Redlich & Ross Walker Iscsitarget 0.4.2
15 Application Arne Redlich & Ross Walker Iscsitarget 0.3.4
16 Application Arne Redlich & Ross Walker Iscsitarget 0.3.3
17 Application Arne Redlich & Ross Walker Iscsitarget 0.3.2
18 Application Arne Redlich & Ross Walker Iscsitarget 0.2.2
19 Application Arne Redlich & Ross Walker Iscsitarget 0.2.1
20 Application Arne Redlich & Ross Walker Iscsitarget 0.4.13
21 Application Arne Redlich & Ross Walker Iscsitarget 0.4.12
22 Application Arne Redlich & Ross Walker Iscsitarget 0.4.5
23 Application Arne Redlich & Ross Walker Iscsitarget 0.4.4
24 Application Arne Redlich & Ross Walker Iscsitarget 0.3.6
25 Application Arne Redlich & Ross Walker Iscsitarget 0.3.5
26 Application Arne Redlich & Ross Walker Iscsitarget 0.2.4
27 Application Arne Redlich & Ross Walker Iscsitarget 0.2.3
28 Application Arne Redlich & Ross Walker Iscsitarget 0.4.17
29 Application Arne Redlich & Ross Walker Iscsitarget 0.4.16
30 Application Arne Redlich & Ross Walker Iscsitarget 0.4.9
31 Application Arne Redlich & Ross Walker Iscsitarget 0.4.8
32 Application Arne Redlich & Ross Walker Iscsitarget 0.4.1
33 Application Arne Redlich & Ross Walker Iscsitarget 0.4.0
34 Application Arne Redlich & Ross Walker Iscsitarget 0.3.1
35 Application Arne Redlich & Ross Walker Iscsitarget 0.3.0
36 Application Arne Redlich & Ross Walker Iscsitarget 0.2.0
37 Application Arne Redlich & Ross Walker Iscsitarget 0.1.0
38 Application Arne Redlich & Ross Walker Iscsitarget 0.4.15
39 Application Arne Redlich & Ross Walker Iscsitarget 0.4.14
40 Application Arne Redlich & Ross Walker Iscsitarget 0.4.7
41 Application Arne Redlich & Ross Walker Iscsitarget 0.4.6
42 Application Arne Redlich & Ross Walker Iscsitarget 0.3.8
43 Application Arne Redlich & Ross Walker Iscsitarget 0.3.7
44 Application Arne Redlich & Ross Walker Iscsitarget 0.2.6
45 Application Arne Redlich & Ross Walker Iscsitarget 0.2.5
46 Application Arne Redlich & Ross Walker Iscsitarget *
47 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 1.0.0
48 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.5.2
49 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.2
50 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.1
51 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem *
52 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.3 Pre4
53 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.3 Pre2
54 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.3 Pre1
55 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.5.1
56 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.5
57 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.0A
58 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.4
59 Application Vladislav Bolkhovitin Generic Scsi Target Subsystem 0.9.3
60 Operating System Linux Linux Kernel *