CVE Vulnerabilities

CVE-2011-0001

Published: Mar 15, 2011 | Modified: Nov 07, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Double free vulnerability in the iscsi_rx_handler function (usr/iscsi/iscsid.c) in the tgt daemon (tgtd) in Linux SCSI target framework (tgt) before 1.0.14, aka scsi-target-utils, allows remote attackers to cause a denial of service (memory corruption and crash) and possibly execute arbitrary code via unknown vectors related to a buffer overflow during iscsi login. NOTE: some of these details are obtained from third party information.

Affected Software

Name Vendor Start Version End Version
Tgt Zaal 1.0.5 1.0.5
Tgt Zaal 1.0.3 1.0.3
Tgt Zaal 1.0.9 1.0.9
Tgt Zaal 1.0.6 1.0.6
Tgt Zaal 1.0.12 1.0.12
Tgt Zaal 0.9.5 0.9.5
Tgt Zaal * 1.0.13
Tgt Zaal 1.0.4 1.0.4
Tgt Zaal 1.0.1 1.0.1
Tgt Zaal 1.0.11 1.0.11
Tgt Zaal 1.0.2 1.0.2
Tgt Zaal 1.0.8 1.0.8
Tgt Zaal 1.0.7 1.0.7
Tgt Zaal 1.0.0 1.0.0
Tgt Zaal 1.0.10 1.0.10

References