 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.58362 |
| Category: | Debian Local Security Checks |
| Title: | Debian: Security Advisory (DSA-1314-1) |
| Summary: | The remote host is missing an update for the Debian 'open-iscsi' package(s) announced via the DSA-1314-1 advisory. |
| Description: | Summary: The remote host is missing an update for the Debian 'open-iscsi' package(s) announced via the DSA-1314-1 advisory. Vulnerability Insight: Several local and remote vulnerabilities have been discovered in open-iscsi, a transport-independent iSCSI implementation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2007-3099 Olaf Kirch discovered that due to a programming error access to the management interface socket was insufficiently protected, which allows denial of service. CVE-2007-3100 Olaf Kirch discovered that access to a semaphore used in the logging code was insufficiently protected, allowing denial of service. The oldstable distribution (sarge) doesn't include open-iscsi. For the stable distribution (etch) these problems have been fixed in version 2.0.730-1etch1. For the unstable distribution (sid) these problems have been fixed in version 2.0.865-1. We recommend that you upgrade your open-iscsi packages. Affected Software/OS: 'open-iscsi' package(s) on Debian 4. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2007-3099 1018246 http://www.securitytracker.com/id?1018246 24471 http://www.securityfocus.com/bid/24471 25679 http://secunia.com/advisories/25679 25749 http://secunia.com/advisories/25749 26438 http://secunia.com/advisories/26438 26543 http://secunia.com/advisories/26543 37269 http://osvdb.org/37269 DSA-1314 http://www.debian.org/security/2007/dsa-1314 RHSA-2007:0497 http://www.redhat.com/support/errata/RHSA-2007-0497.html SUSE-SR:2007:017 http://www.novell.com/linux/security/advisories/2007_17_sr.html http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=243719 http://support.novell.com/techcenter/psdb/187174044e1dbe78726bcf840f7530ed.html http://svn.berlios.de/viewcvs/open-iscsi?rev=857&view=rev openiscsi-mgmtipc-dos(34944) https://exchange.xforce.ibmcloud.com/vulnerabilities/34944 oval:org.mitre.oval:def:11595 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11595 Common Vulnerability Exposure (CVE) ID: CVE-2007-3100 37270 http://osvdb.org/37270 http://svn.berlios.de/viewcvs/open-iscsi?rev=858&view=rev openiscsi-log-dos(34943) https://exchange.xforce.ibmcloud.com/vulnerabilities/34943 oval:org.mitre.oval:def:10653 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10653 |
| Copyright | Copyright (C) 2008 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |