VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Jul 8, 2010· Updated Apr 29, 2026

CVE-2010-2221

CVE-2010-2221

Description

Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4.20.1 and earlier, and (3) Generic SCSI Target Subsystem for Linux (aka SCST or iscsi-scst) 1.0.1.1 and earlier allow remote attackers to cause a denial of service (memory corruption and daemon crash) or possibly execute arbitrary code via (a) a long iSCSI Name string in an SCN message or (b) an invalid PDU.

Affected products

58
  • Arne Redlich \& Ross Walker/Iscsitarget38 versions
    cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.4:*:*:*:*:*:*:*+ 37 more
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:*:*:*:*:*:*:*:*range: <=1.4.20
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.12:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.13:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.14:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.15:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.16:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.17:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:1.4.18:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:1.4.19:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.7:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.8:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.9:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.10:*:*:*:*:*:*:*
    • cpe:2.3:a:arne_redlich_\&_ross_walker:iscsitarget:0.4.11:*:*:*:*:*:*:*
  • Zaal/Tgt7 versions
    cpe:2.3:a:zaal:tgt:*:*:*:*:*:*:*:*+ 6 more
    • cpe:2.3:a:zaal:tgt:*:*:*:*:*:*:*:*range: <=1.0.5
    • cpe:2.3:a:zaal:tgt:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:zaal:tgt:1.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:zaal:tgt:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:zaal:tgt:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:zaal:tgt:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:zaal:tgt:1.0.4:*:*:*:*:*:*:*
  • Vladislav Bolkhovitin/Generic Scsi Target Subsystem13 versions
    cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:*:*:*:*:*:*:*:*+ 12 more
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:*:*:*:*:*:*:*:*range: <=1.0.1
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.0a:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:pre1:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:pre2:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.3:pre4:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.4:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:0.9.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:vladislav_bolkhovitin:generic_scsi_target_subsystem:1.0.0:*:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

20

News mentions

0

No linked articles in our index yet.