Red Hat Local Security Checks : RedHat Security Advisory RHSA-2007:0497

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.58919

Categoría: Red Hat Local Security Checks

Título: RedHat Security Advisory RHSA-2007:0497

Resumen: NOSUMMARY

Descripción: Description:

The remote host is missing updates announced in
advisory RHSA-2007:0497.

The iscsi package provides the server daemon for the iSCSI protocol, as
well as the utility programs used to manage it. iSCSI is a protocol for
distributed disk access using SCSI commands sent over Internet Protocol
networks.

Olaf Kirch discovered two flaws in open-iscsi. A local attacker could use
these flaws to cause the server daemon to stop responding, leading to a
denial of service. (CVE-2007-3099, CVE-2007-3100).

All users of open-iscsi should upgrade to this updated package which
resolves these issues.

Note: This issue did not affect Red Hat Enterprise Linux 2.1, 3, or 4.
open-iscsi is available in Red Hat Enterprise Linux 5 as a Technology
Preview.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2007-0497.html
http://kbase.redhat.com/faq/FAQ_105_10521.shtm
http://www.redhat.com/security/updates/classification/#moderate

Risk factor : Medium

CVSS Score:
2.1

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2007-3099
1018246
http://www.securitytracker.com/id?1018246
24471
http://www.securityfocus.com/bid/24471
25679
http://secunia.com/advisories/25679
25749
http://secunia.com/advisories/25749
26438
http://secunia.com/advisories/26438
26543
http://secunia.com/advisories/26543
37269
http://osvdb.org/37269
DSA-1314
http://www.debian.org/security/2007/dsa-1314
RHSA-2007:0497
http://www.redhat.com/support/errata/RHSA-2007-0497.html
SUSE-SR:2007:017
http://www.novell.com/linux/security/advisories/2007_17_sr.html
http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719
http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html
http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev
openiscsi-mgmtipc-dos(34944)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34944
oval:org.mitre.oval:def:11595
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11595
Common Vulnerability Exposure (CVE) ID: CVE-2007-3100
37270
http://osvdb.org/37270
http://svn.berlios.de/viewcvs/open-iscsi?rev=858&view=rev
openiscsi-log-dos(34943)
https://exchange.xforce.ibmcloud.com/vulnerabilities/34943
oval:org.mitre.oval:def:10653
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10653

Copyright Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.58919
Categoría:	Red Hat Local Security Checks
Título:	RedHat Security Advisory RHSA-2007:0497
Resumen:	NOSUMMARY
Descripción:	Description: The remote host is missing updates announced in advisory RHSA-2007:0497. The iscsi package provides the server daemon for the iSCSI protocol, as well as the utility programs used to manage it. iSCSI is a protocol for distributed disk access using SCSI commands sent over Internet Protocol networks. Olaf Kirch discovered two flaws in open-iscsi. A local attacker could use these flaws to cause the server daemon to stop responding, leading to a denial of service. (CVE-2007-3099, CVE-2007-3100). All users of open-iscsi should upgrade to this updated package which resolves these issues. Note: This issue did not affect Red Hat Enterprise Linux 2.1, 3, or 4. open-iscsi is available in Red Hat Enterprise Linux 5 as a Technology Preview. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2007-0497.html http://kbase.redhat.com/faq/FAQ_105_10521.shtm http://www.redhat.com/security/updates/classification/#moderate Risk factor : Medium CVSS Score: 2.1
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3099 1018246 http://www.securitytracker.com/id?1018246 24471 http://www.securityfocus.com/bid/24471 25679 http://secunia.com/advisories/25679 25749 http://secunia.com/advisories/25749 26438 http://secunia.com/advisories/26438 26543 http://secunia.com/advisories/26543 37269 http://osvdb.org/37269 DSA-1314 http://www.debian.org/security/2007/dsa-1314 RHSA-2007:0497 http://www.redhat.com/support/errata/RHSA-2007-0497.html SUSE-SR:2007:017 http://www.novell.com/linux/security/advisories/2007_17_sr.html http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719 http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev openiscsi-mgmtipc-dos(34944) https://exchange.xforce.ibmcloud.com/vulnerabilities/34944 oval:org.mitre.oval:def:11595 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11595 Common Vulnerability Exposure (CVE) ID: CVE-2007-3100 37270 http://osvdb.org/37270 http://svn.berlios.de/viewcvs/open-iscsi?rev=858&view=rev openiscsi-log-dos(34943) https://exchange.xforce.ibmcloud.com/vulnerabilities/34943 oval:org.mitre.oval:def:10653 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10653
Copyright	Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com