Test ID:	1.3.6.1.4.1.25623.1.0.67675
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2010:131 (iscsitarget)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to iscsitarget announced via advisory MDVSA-2010:131. Multiple format string and buffer overflow vulnerabilities has been found and corrected in iscsitarget (CVE-2010-0743, CVE-2010-2221). The updated packages have been patched to correct these issues. Affected: Enterprise Server 5.0 Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2010:131 Risk factor : Medium CVSS Score: 5.0
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2010-0743 39127 http://www.securityfocus.com/bid/39127 39142 http://secunia.com/advisories/39142 39726 http://secunia.com/advisories/39726 ADV-2010-1786 http://www.vupen.com/english/advisories/2010/1786 DSA-2042 http://www.debian.org/security/2010/dsa-2042 MDVSA-2010:131 http://www.mandriva.com/security/advisories?name=MDVSA-2010:131 SUSE-SR:2010:017 http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html [oss-security] 20100331 iscsitarget/scsi-target-tuils format string CVE assignment http://marc.info/?l=oss-security&m=127005132403189&w=2 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=574935 http://git.kernel.org/?p=linux/kernel/git/tomo/tgt.git%3Ba=commit%3Bh=107d922706cd36f3bb79bcca9bc4678c32f22e59 https://bugzilla.redhat.com/show_bug.cgi?id=576359 lstf-isns-format-string(57496) https://exchange.xforce.ibmcloud.com/vulnerabilities/57496 oval:org.mitre.oval:def:11248 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11248 Common Vulnerability Exposure (CVE) ID: CVE-2010-2221 1024175 http://www.securitytracker.com/id?1024175 20100702 TELUS Security Labs VR - iSCSI target Multiple Implementations iSNS Stack Buffer Overflow http://archives.neohapsis.com/archives/bugtraq/2010-07/0022.html http://archives.neohapsis.com/archives/fulldisclosure/2010-07/0058.html 40485 http://secunia.com/advisories/40485 40494 http://secunia.com/advisories/40494 40495 http://secunia.com/advisories/40495 41327 http://www.securityfocus.com/bid/41327 65990 http://www.osvdb.org/65990 65991 http://www.osvdb.org/65991 65992 http://www.osvdb.org/65992 ADV-2010-1760 http://www.vupen.com/english/advisories/2010/1760 RHSA-2010:0518 http://www.redhat.com/support/errata/RHSA-2010-0518.html [iscsitarget-devel] 20100701 [patch] fix iSNS bounds checking http://sourceforge.net/mailarchive/forum.php?thread_name=E2BB8074E5500C42984D980D4BD78EF904075006%40MFG-NYC-EXCH2.mfg.prv&forum_name=iscsitarget-devel [stgt] 20100701 1.0.6 released http://lists.wpkg.org/pipermail/stgt/2010-July/003858.html http://scst.svn.sourceforge.net/viewvc/scst/trunk/iscsi-scst/usr/isns.c?r1=1793&r2=1792&pathrev=1793 http://scst.svn.sourceforge.net/viewvc/scst?view=revision&revision=1793 https://bugzilla.redhat.com/show_bug.cgi?id=593877
Copyright	Copyright (c) 2010 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.