Signature Detail

APP: iSCSI target Multiple Implementations Format String Code Execution

This signature detects attempts to exploit a known format string vulnerability in multiple implementations iSCSI target. iSCSI, an abbreviation of Internet Small Computer System Interface, is an Internet Protocol (IP)-based storage networking standard for linking data storage facilities. It can be leveraged by remote unauthenticated attackers to inject and execute arbitrary code on a vulnerable system.

Extended Description

iSCSI Enterprise Target and tgt are prone to multiple format-string vulnerabilities because they fail to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. An attacker may exploit these issues to execute arbitrary code in the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition. Other attacks may also be possible, including data loss or corruption.

Affected Products

• Debian linux 5.0
• Debian linux 5.0 Alpha
• Debian linux 5.0 Amd64
• Debian linux 5.0 Arm
• Debian linux 5.0 Armel
• Debian linux 5.0 Hppa
• Debian linux 5.0 Ia-32
• Debian linux 5.0 Ia-64
• Debian linux 5.0 M68k
• Debian linux 5.0 Mips
• Debian linux 5.0 Mipsel
• Debian linux 5.0 Powerpc
• Debian linux 5.0 S/390
• Debian linux 5.0 Sparc
• Gentoo linux
• Iscsi_enterprise_target iscsi_enterprise_target 0.4.15
• Iscsi_enterprise_target iscsi_enterprise_target 0.4.16
• Mandriva enterprise_server 5
• Mandriva enterprise_server 5 X86 64
• Red_hat cluster-storage_server 5
• Red_hat enterprise_linux 5 Server
• Red_hat fedora 11
• Red_hat fedora 12
• Slackware linux 12.2
• Slackware linux 13.0
• Slackware linux 13.0 X86 64
• Slackware linux -Current
• Slackware linux X86 64 -Current
• Tgt_project linux_scsi_target_framework_(tgt) 0.9.5

References

• BugTraq: 39127
• CVE: CVE-2010-0743