New Search

usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).

oval:org.mitre.oval:def:11595

usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).

Family:
unix
Status:
ACCEPTED
Platform(s):
  • Oracle Linux 5
  • CentOS Linux 5
  • Red Hat Enterprise Linux 5
Class:
vulnerability
Reference(s):
  • CVE-2007-3099
Product(s):