Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.69330
Category:Debian Local Security Checks
Title:Debian Security Advisory DSA 2194-1 (libvirt)
Summary:The remote host is missing an update to libvirt;announced via advisory DSA 2194-1.
Description:Summary:
The remote host is missing an update to libvirt
announced via advisory DSA 2194-1.

Vulnerability Insight:
It was discovered that libvirt, a library for interfacing with different
virtualization systems, did not properly check for read-only connections.
This allowed a local attacker to perform a denial of service (crash) or
possibly escalate privileges.

The oldstable distribution (lenny) is not affected by this problem.

For the stable distribution (squeeze), this problem has been fixed in
version 0.8.3-5+squeeze1.

For the testing distribution (wheezy), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in
version 0.8.8-3.

Solution:
We recommend that you upgrade your libvirt packages.

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1146
BugTraq ID: 46820
http://www.securityfocus.com/bid/46820
Debian Security Information: DSA-2194 (Google Search)
http://www.debian.org/security/2011/dsa-2194
http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056209.html
http://openwall.com/lists/oss-security/2011/03/09/3
http://openwall.com/lists/oss-security/2011/03/10/5
http://www.redhat.com/support/errata/RHSA-2011-0391.html
http://www.securitytracker.com/id?1025262
http://secunia.com/advisories/43670
http://secunia.com/advisories/43780
http://secunia.com/advisories/43897
http://secunia.com/advisories/43917
http://secunia.com/advisories/44069
SuSE Security Announcement: openSUSE-SU-2011:0311 (Google Search)
http://lists.opensuse.org/opensuse-updates/2011-04/msg00022.html
http://www.ubuntu.com/usn/USN-1094-1
http://www.vupen.com/english/advisories/2011/0694
http://www.vupen.com/english/advisories/2011/0700
http://www.vupen.com/english/advisories/2011/0794
http://www.vupen.com/english/advisories/2011/0805
XForce ISS Database: libvirt-apicalls-dos(66012)
https://exchange.xforce.ibmcloud.com/vulnerabilities/66012
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.