 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.67302 |
| Categoría: | Red Hat Local Security Checks |
| Título: | RedHat Security Advisory RHSA-2010:0362 |
| Resumen: | NOSUMMARY |
| Descripción: | Description: The remote host is missing updates announced in advisory RHSA-2010:0362. The scsi-target-utils package contains the daemon and tools to set up and monitor SCSI targets. Currently, iSCSI software and iSER targets are supported. A format string flaw was found in scsi-target-utils' tgtd daemon. A remote attacker could trigger this flaw by sending a carefully-crafted Internet Storage Name Service (iSNS) request, causing the tgtd daemon to crash. (CVE-2010-0743) All scsi-target-utils users should upgrade to this updated package, which contains a backported patch to correct this issue. All running scsi-target-utils services must be restarted for the update to take effect. Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date http://rhn.redhat.com/errata/RHSA-2010-0362.html http://www.redhat.com/security/updates/classification/#important Risk factor : Medium CVSS Score: 5.0 |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-0743 39127 http://www.securityfocus.com/bid/39127 39142 http://secunia.com/advisories/39142 39726 http://secunia.com/advisories/39726 ADV-2010-1786 http://www.vupen.com/english/advisories/2010/1786 DSA-2042 http://www.debian.org/security/2010/dsa-2042 MDVSA-2010:131 http://www.mandriva.com/security/advisories?name=MDVSA-2010:131 SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100331 iscsitarget/scsi-target-tuils format string CVE assignment http://marc.info/?l=oss-security&m=127005132403189&w=2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935 http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git%3Ba=commit%3Bh=107d922706cd36f3bb79bcca9bc4678c32f22e59 https://bugzilla.redhat.com/show_bug.cgi?id=576359 lstf-isns-format-string(57496) https://exchange.xforce.ibmcloud.com/vulnerabilities/57496 oval:org.mitre.oval:def:11248 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11248 |
| Copyright | Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |