Debian Open-Iscsi vulnerabilities

CVE-2020-13988 [HIGH] CVE-2020-13988: open-iscsi - An issue was discovered in Contiki through 3.0. An Integer Overflow exists in th... An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c. Scope: local bookworm: resolved (fixed in 2.1.3-1) bullseye: resolved (fixed in 2.1.3-1) forky: resolved (fixed in 2.1.3-1) sid: resolved (fixed in 2.1.3-1) trixie: reso

CVE-2020-17437 [HIGH] CVE-2020-17437: open-iscsi - An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. W... An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in

CVE-2020-13987 [HIGH] CVE-2020-13987: open-iscsi - An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerabil... An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c. Scope: local bookworm: resolved (fixed in 2.1.3-1) bullseye: resolved (fixed in 2.1.3-1) forky: resolved (fixed in 2.1.3-1) sid: resolved (fixed in 2.1.3

CVE-2017-17840 [HIGH] CVE-2017-17840: open-iscsi - An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can caus... An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can cause the iscsiuio server to abort or potentially execute code by sending messages with incorrect lengths, which (due to lack of checking) can lead to buffer overflows, and result in aborts (with overflow checking enabled) or code execution. The process_iscsid_broadcast function in iscsiu

CVE-2009-1297 [MEDIUM] CVE-2009-1297: open-iscsi - iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux ... iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and SUSE Linux Enterprise (SLE) 10 SP2 and 11, and other operating systems, allows local users to overwrite arbitrary files via a symlink attack on an unspecified temporary file that has a predictable name. Scope: local bookworm: resolved (fixed in 2.0.871-1) bullseye: resolved (fixed in 2.0.871-1)

CVE-2007-3099 [LOW] CVE-2007-3099: open-iscsi - usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 ch... usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss). Scope: local bookworm: resolved (fixed in 2.0.865-1) bullseye: reso

CVE-2007-3100 [LOW] CVE-2007-3100: open-iscsi - usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a ... usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore. Scope: local bookworm: resolved (fixed in 2.0.865-1) bullseye: resolved (fixed in 2.0