First published: Thu Jun 14 2007(Updated: )
usr/log.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 uses a semaphore with insecure permissions (world-writable/world-readable) for managing log messages using shared memory, which allows local users to cause a denial of service (hang) by grabbing the semaphore.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Redhat Enterprise Linux | =5.0 | |
Redhat Enterprise Linux | =5.0 | |
Redhat Open Iscsi | <=2.0-864 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.