CVE-2007-3099

Publication date 14 June 2007

Last updated 17 July 2025

Ubuntu priority

Description

usr/mgmt_ipc.c in iscsid in open-iscsi (iscsi-initiator-utils) before 2.0-865 checks the client's UID on the listening AF_LOCAL socket instead of the new connection, which allows remote attackers to access the management interface and cause a denial of service (iscsid exit or iSCSI connection loss).

Status

Show unmaintained releases

Package	Ubuntu Release	Status
open-iscsi	8.04 LTS hardy	Not affected
	7.10 gutsy	Not affected
	7.04 feisty	Ignored end of life, was needed
	6.10 edgy	Not in release
	6.06 LTS dapper	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Other references

https://www.cve.org/CVERecord?id=CVE-2007-3099

CVE-2007-3099

Description

Status

References

Other references

Access our resources on patching vulnerabilities