Launchpad CVE tracker

CVE 2007-3100

usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securitytra...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://osvdb.org/37270
MISC: http://www.debian.org/...
MISC: http://www.redhat.com/...
MISC: http://www.novell.com/...
MISC: http://bugzilla.redhat...
MISC: http://support.novell....
MISC: http://svn.berlios.de/...
MISC: https://exchange.xforc...
MISC: https://oval.cisecurit...

Launchpad.net

CVE 2007-3100

Related bugs

References