Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2011-1146
HistoryMar 15, 2011 - 5:55 p.m.

CVE-2011-1146

2011-03-1517:55:00
CWE-264
[email protected]
web.nvd.nist.gov
47
cve
2011
1146
red hat
libvirt
denial of service
remote attackers
code execution
api operations

7.6 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.075 Low

EPSS

Percentile

94.1%

JSON

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

CPENameOperatorVersion
redhat:libvirtredhat libvirteq0.8.8

References

Related

prion 2
debiancve 2
ubuntucve 2
nessus 29
veracode 2
oraclelinux 3
openvas 33
ubuntu 2
redhat 3
altlinux 1
debian 1
securityvulns 4
fedora 6
centos 1
gentoo 1
cve 1
osv 16
prion
prion
Code injection
2011-03-15 17:55:00
Code injection
2008-12-19 17:30:00
debiancve
debiancve
CVE-2011-1146
2011-03-15 17:55:00
CVE-2008-5086
2008-12-19 17:30:00
ubuntucve
ubuntucve
CVE-2011-1146
2011-03-15 00:00:00
CVE-2008-5086
2008-12-19 00:00:00
nessus
nessus
Oracle Linux 5 / 6 : libvirt (ELSA-2011-0391)
2013-07-12 00:00:00
CentOS 5 : libvirt (CESA-2011:0391)
2011-04-29 00:00:00
Ubuntu 9.10 / 10.04 LTS / 10.10 : libvirt vulnerability (USN-1094-1)
2011-03-30 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:56:05
Privilege Escalation
2020-04-10 00:30:41
oraclelinux
oraclelinux
libvirt security update
2011-03-28 00:00:00
libvirt security, bug fix, and enhancement update
2011-07-31 00:00:00
libvirt security update
2009-03-19 00:00:00
openvas
openvas
Ubuntu Update for libvirt vulnerability USN-1094-1
2011-04-01 00:00:00
RedHat Update for libvirt RHSA-2011:0391-01
2012-06-06 00:00:00
CentOS Update for libvirt CESA-2011:0391 centos5 i386
2011-08-09 00:00:00
ubuntu
ubuntu
Libvirt vulnerability
2011-03-29 00:00:00
libvirt vulnerability
2008-12-18 00:00:00
redhat
redhat
(RHSA-2011:0391) Important: libvirt security update
2011-03-28 00:00:00
(RHSA-2009:0382) Moderate: libvirt security update
2009-03-19 00:00:00
(RHSA-2011:0439) Moderate: rhev-hypervisor security and bug fix update
2011-04-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 0.9.0-alt1
2011-04-06 00:00:00
debian
debian
[SECURITY] [DSA 2194-1] libvirt security update
2011-03-18 07:48:13
securityvulns
securityvulns
libvirt protection bypass
2011-03-23 00:00:00
[SECURITY] [DSA 2194-1] libvirt security update
2011-03-23 00:00:00
libvirt privilege escalation
2008-12-21 00:00:00
fedora
fedora
[SECURITY] Fedora 15 Update: libvirt-0.8.8-3.fc15
2011-03-19 05:50:43
[SECURITY] Fedora 13 Update: libvirt-0.8.2-6.fc13
2011-04-18 21:23:20
[SECURITY] Fedora 14 Update: libvirt-0.8.3-9.fc14
2011-04-11 21:00:16
centos
centos
libvirt security update
2011-04-28 14:15:01
gentoo
gentoo
libvirt: Multiple vulnerabilities
2012-02-27 00:00:00
cve
cve
CVE-2008-5086
2008-12-19 17:30:00
osv
osv
CVE-2022-0897
2022-03-25 19:15:10
CVE-2021-3667
2022-03-02 23:15:08
CVE-2021-3559
2021-05-24 12:15:07

7.6 High

AI Score

Confidence

Low

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.075 Low

EPSS

Percentile

94.1%

JSON
Related for CVE-2011-1146
prion2debiancve2ubuntucve2nessus29veracode2oraclelinux3openvas33ubuntu2redhat3altlinux1debian1securityvulns4fedora6centos1gentoo1cve1osv16