CVE-2010-0743

Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) 1.0.3, 0.9.5, and earlier and (2) iSCSI Enterprise Target (aka iscsitarget) 0.4.16 allow remote attackers to cause a denial of service (tgtd daemon crash) or possibly have unspecified other impact via vectors that involve the isns_attr_query and qry_rsp_handle functions, and are related to (a) client appearance and (b) client disappearance messages.

Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) 1.0.3, 0.9.5, and earlier and (2) iSCSI Enterprise Target (aka iscsitarget) 0.4.16 allow remote attackers to cause a denial of service (tgtd daemon crash) or possibly have unspecified other impact via vectors that involve the isns_attr_query and qry_rsp_handle functions, and are related to (a) client appearance and (b) client disappearance messages.

Múltiples vulnerabilidades de formato de cadena en isns.c en (1) Linux SCSI target framework (también conocido como tgt o scsi-target-utils) v1.0.3, v0.9.5, y (2) iSCSI Enterprise Target (también conocido como iscsitarget) v0.4.16, permite a atacantes remotos provocar una denegación de servicio (caída de demonio tgtd) o posiblemente tener un acto desconocido a través de vectores que involucran a las funciones isns_attr_query y qry_rsp_handle, y que están relacionadas con los mensajes (a) "client appearance" y (b) "client disappearance".