thr3ads.net - Secure testing team - [Secure-testing-team] Bug#574935: iscsitarget: Format string vulnerability [Mar 2010]

If this information is useful, please help other people find it:
Share via:

Florent Daigniere

2010-Mar-22 09:58 UTC

[Secure-testing-team] Bug#574935: iscsitarget: Format string vulnerability

Package: iscsitarget
Version: 0.4.16+svn162-3
Severity: critical
Tags: security
Justification: root security hole


There is at least two remotely exploitable format string vulnerabilities in the
debian stable package... which have been fixed upstream.

isns.c:302
isns.c:690

The default init script encourage users to run ietd as root (see the following
bugs)

#545536 iscsitarget: allow running as non-root
#566509 New upstream version

Please fix it.

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, ''stable'')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages iscsitarget depends on:
ii  libc6                   2.7-18lenny2     GNU C Library: Shared libraries
ii  libssl0.9.8             0.9.8g-15+lenny6 SSL shared libraries

Versions of packages iscsitarget recommends:
pn  iscsitarget-module            <none>     (no description available)

Versions of packages iscsitarget suggests:
pn  iscsitarget-source            <none>     (no description available)

-- no debconf information

Secure testing team - Mar 2010 - Bug#574935: iscsitarget: Format string vulnerability

[Secure-testing-team] Bug#574935: iscsitarget: Format string vulnerability