ID CVE-2007-3099
Summary usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
References
Vulnerable Configurations
  • cpe:2.3:o:redhat:enterprise_linux:5.0:-:desktop
    cpe:2.3:o:redhat:enterprise_linux:5.0:-:desktop
  • cpe:2.3:o:redhat:enterprise_linux:5.0:-:server
    cpe:2.3:o:redhat:enterprise_linux:5.0:-:server
CVSS
Base: 2.1 (as of 15-06-2007 - 14:17)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family CentOS Local Security Checks
    NASL id CENTOS_RHSA-2007-0497.NASL
    description Updated iscsi-initiator-utils packages that fix a security flaw in open-iscsi are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The iscsi package provides the server daemon for the iSCSI protocol, as well as the utility programs used to manage it. iSCSI is a protocol for distributed disk access using SCSI commands sent over Internet Protocol networks. Olaf Kirch discovered two flaws in open-iscsi. A local attacker could use these flaws to cause the server daemon to stop responding, leading to a denial of service. (CVE-2007-3099, CVE-2007-3100). All users of open-iscsi should upgrade to this updated package which resolves these issues. Note: This issue did not affect Red Hat Enterprise Linux 2.1, 3, or 4. open-iscsi is available in Red Hat Enterprise Linux 5 as a Technology Preview.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 43643
    published 2010-01-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=43643
    title CentOS 5 : iscsi-initiator-utils (CESA-2007:0497)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2007-0543.NASL
    description This update to iscsi-initiator-utils is a rebase to the upstream open-iscsi-2.0-865 release. This release include two security fixes, bug fixes and new features. The tools in this release use a different db format, but the tools are able to read old and new formats. If you want to use the new features you must update the db, by rediscovering your targets and reconfiguring them (set per target CHAP, iscsi.node, iscsi.conn, etc settings again). Once the db has been updated you cannot use older tools on it. See the README and man pages for information on the new features. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-28
    plugin id 27669
    published 2007-11-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27669
    title Fedora 7 : iscsi-initiator-utils-6.2.0.865-0.0.fc7 (2007-0543)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPEN-ISCSI-4034.NASL
    description This update fixes insecure privileges and credential verification with the iscsi daemon. (CVE-2007-3099, CVE-2007-3100)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27362
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27362
    title openSUSE 10 Security Update : open-iscsi (open-iscsi-4034)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2007-0497.NASL
    description Updated iscsi-initiator-utils packages that fix a security flaw in open-iscsi are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The iscsi package provides the server daemon for the iSCSI protocol, as well as the utility programs used to manage it. iSCSI is a protocol for distributed disk access using SCSI commands sent over Internet Protocol networks. Olaf Kirch discovered two flaws in open-iscsi. A local attacker could use these flaws to cause the server daemon to stop responding, leading to a denial of service. (CVE-2007-3099, CVE-2007-3100). All users of open-iscsi should upgrade to this updated package which resolves these issues. Note: This issue did not affect Red Hat Enterprise Linux 2.1, 3, or 4. open-iscsi is available in Red Hat Enterprise Linux 5 as a Technology Preview.
    last seen 2019-02-21
    modified 2018-12-20
    plugin id 25523
    published 2007-06-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25523
    title RHEL 5 : iscsi-initiator-utils (RHSA-2007:0497)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1314.NASL
    description Several local and remote vulnerabilities have been discovered in open-iscsi, a transport-independent iSCSI implementation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-3099 Olaf Kirch discovered that due to a programming error access to the management interface socket was insufficiently protected, which allows denial of service. - CVE-2007-3100 Olaf Kirch discovered that access to a semaphore used in the logging code was insufficiently protected, allowing denial of service. The oldstable distribution (sarge) doesn't include open-iscsi.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25558
    published 2007-06-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25558
    title Debian DSA-1314-1 : open-iscsi - several vulnerabilities
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPEN-ISCSI-4035.NASL
    description This update fixes some possible vulnerabilities in the open-iscsi daemon. (CVE-2007-3099 / CVE-2007-3100)
    last seen 2019-02-21
    modified 2012-05-17
    plugin id 29533
    published 2007-12-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=29533
    title SuSE 10 Security Update : open-iscsi (ZYPP Patch Number 4035)
  • NASL family Scientific Linux Local Security Checks
    NASL id SL_20070614_ISCSI_INITIATOR_UTILS_ON_SL5_X.NASL
    description Olaf Kirch discovered two flaws in open-iscsi. A local attacker could use these flaws to cause the server daemon to stop responding, leading to a denial of service. (CVE-2007-3099, CVE-2007-3100).
    last seen 2019-02-21
    modified 2019-01-07
    plugin id 60208
    published 2012-08-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=60208
    title Scientific Linux Security Update : iscsi-initiator-utils on SL5.x i386/x86_64
  • NASL family Oracle Linux Local Security Checks
    NASL id ORACLELINUX_ELSA-2007-0497.NASL
    description From Red Hat Security Advisory 2007:0497 : Updated iscsi-initiator-utils packages that fix a security flaw in open-iscsi are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The iscsi package provides the server daemon for the iSCSI protocol, as well as the utility programs used to manage it. iSCSI is a protocol for distributed disk access using SCSI commands sent over Internet Protocol networks. Olaf Kirch discovered two flaws in open-iscsi. A local attacker could use these flaws to cause the server daemon to stop responding, leading to a denial of service. (CVE-2007-3099, CVE-2007-3100). All users of open-iscsi should upgrade to this updated package which resolves these issues. Note: This issue did not affect Red Hat Enterprise Linux 2.1, 3, or 4. open-iscsi is available in Red Hat Enterprise Linux 5 as a Technology Preview.
    last seen 2019-02-21
    modified 2018-07-18
    plugin id 67523
    published 2013-07-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=67523
    title Oracle Linux 5 : iscsi-initiator-utils (ELSA-2007-0497)
oval via4
accepted 2013-04-29T04:14:51.928-04:00
class vulnerability
contributors
  • name Aharon Chernin
    organization SCAP.com, LLC
  • name Dragos Prisaca
    organization G2, Inc.
definition_extensions
  • comment The operating system installed on the system is Red Hat Enterprise Linux 5
    oval oval:org.mitre.oval:def:11414
  • comment The operating system installed on the system is CentOS Linux 5.x
    oval oval:org.mitre.oval:def:15802
  • comment Oracle Linux 5.x
    oval oval:org.mitre.oval:def:15459
description usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
family unix
id oval:org.mitre.oval:def:11595
status accepted
submitted 2010-07-09T03:56:16-04:00
title usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
version 18
redhat via4
advisories
rhsa
id RHSA-2007:0497
rpms iscsi-initiator-utils-0:6.2.0.742-0.6.el5
refmap via4
bid 24471
confirm
debian DSA-1314
osvdb 37269
sectrack 1018246
secunia
  • 25679
  • 25749
  • 26438
  • 26543
suse SUSE-SR:2007:017
xf openiscsi-mgmtipc-dos(34944)
Last major update 21-08-2010 - 01:07
Published 14-06-2007 - 15:30
Last modified 10-10-2017 - 21:32
Back to Top