diff options
| author | Ritesh Raj Sarraf <rrs@researchut.com> | 2010-04-03 12:02:36 +0530 |
|---|---|---|
| committer | Mike Christie <michaelc@cs.wisc.edu> | 2010-04-06 22:56:47 -0500 |
| commit | ae1ef141b02a988d454390bbbe4779b2fc4c1489 (patch) | |
| tree | 8359603dbbe0fcf3e382aa4fc2b233d8ed519a8c /utils/iscsi_discovery | |
| parent | bfb062401dc9dd69a01f7f736db9baa92983a03b (diff) | |
| download | open-iscsi-ae1ef141b02a988d454390bbbe4779b2fc4c1489.tar.gz | |
Fix CVE-2009-1297
The MITRE CVE dictionary describes this issue as:
iscsi_discovery in open-iscsi in SUSE openSUSE 10.3 through 11.1 and
SUSE Linux Enterprise (SLE) 10 SP2 and 11 allows local users to
overwrite arbitrary files via a symlink attack on an unspecified
temporary file that has a predictable name.
Thanks to Colin Watson
Signed-off-by: Ritesh Raj Sarraf <rsarraf@netapp.com>
Diffstat (limited to 'utils/iscsi_discovery')
| -rwxr-xr-x | utils/iscsi_discovery | 10 |
1 files changed, 4 insertions, 6 deletions
diff --git a/utils/iscsi_discovery b/utils/iscsi_discovery index 1bddc25..d07ecc2 100755 --- a/utils/iscsi_discovery +++ b/utils/iscsi_discovery @@ -104,24 +104,22 @@ discover() connected=0 discovered=0 - df=/tmp/discovered.$$ dbg "starting discovery to $ip" - iscsiadm -m discovery --type sendtargets --portal ${ip}:${port} > ${df} - while read portal target + disc="$(iscsiadm -m discovery --type sendtargets --portal ${ip}:${port})" + echo "${disc}" | while read portal target do portal=${portal%,*} select_transport - done < ${df} + done - discovered=$(cat ${df} | wc -l) + discovered=$(echo "${disc}" | wc -l) if [ ${discovered} = 0 ]; then echo "failed to discover targets at ${ip}" exit 2 else echo "discovered ${discovered} targets at ${ip}" fi - /bin/rm -f ${df} } try_login() |