SuSE Linux SCSI command firmware overwrite
| suse-scsi-firmware-overwrite (18370) |  High Risk |
Description:
SuSE Linux could allow a local attacker to overwrite a Small Computer Systems Interface (SCSI) device's firmware. A local attacker, with read-only access, could send SCSI commands to SCSI devices to overwrite firmware, which could cause the device to fail.
Platforms Affected:
- RedHat, Enterprise Linux 4 AS
- RedHat, Enterprise Linux 4 ES
- RedHat, Enterprise Linux 4 WS
- RedHat, Enterprise Linux 4 Desktop
- SuSE, SuSE Linux 9.0
- SuSE, SuSE SLES 9
Remedy:
For SuSE Linux:
Install the fixed kernels. Refer to SuSE Security Announcement SUSE-SA:2004:042 for more information. See References.
For other distributions:
Contact your vendor for upgrade or patch information.
Consequences:
Gain Privileges
References:
- BID-11784: SuSE Linux Kernel Unauthorized SCSI Command Vulnerability
- CVE-2004-1190: SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices.
- RHSA-2006-0101: kernel security update
Reported:
Dec 01, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net