CVE-2007-3099
EPSS 0.23%open-iscsi
發布日:2007/6/14修改日:2026/4/28
也稱為:DEBIAN-CVE-2007-3099
描述
usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).
受影響套件(2)
- Debian/open-iscsifrom 0, < 2.0.865-1
- Debian/open-iscsifrom 0, < 2.0.730-1etch1