CVE-2007-3099
EPSS 0.23%open-iscsi
Published: 6/14/2007Modified: 4/28/2026
Description
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
Affected packages (2)
- Debian/open-iscsifrom 0, < 2.0.865-1
- Debian/open-iscsifrom 0, < 2.0.730-1etch1