ID OPENVAS:71182 Type openvas Reporter Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com Modified 2017-07-07T00:00:00
Description
The remote host is missing updates announced in
advisory GLSA 201202-07.
#
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from Gentoo's XML based advisory
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "Multiple vulnerabilities were found in libvirt, the worst of which
might allow guest OS users to read arbitrary files on the host OS.";
tag_solution = "All libvirt users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-emulation/libvirt-0.9.3-r1'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201202-07
http://bugs.gentoo.org/show_bug.cgi?id=358877
http://bugs.gentoo.org/show_bug.cgi?id=372963
http://bugs.gentoo.org/show_bug.cgi?id=373991
http://bugs.gentoo.org/show_bug.cgi?id=386287";
tag_summary = "The remote host is missing updates announced in
advisory GLSA 201202-07.";
if(description)
{
script_id(71182);
script_tag(name:"cvss_base", value:"6.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_cve_id("CVE-2011-1146", "CVE-2011-1486", "CVE-2011-2178", "CVE-2011-2511");
script_version("$Revision: 6589 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $");
script_tag(name:"creation_date", value:"2012-03-12 11:35:34 -0400 (Mon, 12 Mar 2012)");
script_name("Gentoo Security Advisory GLSA 201202-07 (libvirt)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-gentoo.inc");
res = "";
report = "";
if((res = ispkgvuln(pkg:"app-emulation/libvirt", unaffected: make_list("ge 0.9.3-r1"), vulnerable: make_list("lt 0.9.3-r1"))) != NULL ) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:71182", "type": "openvas", "bulletinFamily": "scanner", "title": "Gentoo Security Advisory GLSA 201202-07 (libvirt)", "description": "The remote host is missing updates announced in\nadvisory GLSA 201202-07.", "published": "2012-03-12T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=71182", "reporter": "Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2011-1486", "CVE-2011-2511", "CVE-2011-2178", "CVE-2011-1146"], "lastseen": "2017-07-24T12:51:20", "viewCount": 0, "enchantments": {"score": {"value": 7.3, "vector": "NONE", "modified": "2017-07-24T12:51:20", "rev": 2}, "dependencies": {"references": [{"type": "openvas", "idList": ["OPENVAS:136141256231069989", "OPENVAS:1361412562310862994", "OPENVAS:863370", "OPENVAS:863350", "OPENVAS:1361412562310862977", "OPENVAS:69989", "OPENVAS:136141256231071182", "OPENVAS:862977", "OPENVAS:1361412562310863350", "OPENVAS:1361412562310863370"]}, {"type": "gentoo", "idList": ["GLSA-201202-07"]}, {"type": "nessus", "idList": ["FEDORA_2011-4896.NASL", "SUSE_11_3_XEN-201105-110510.NASL", "FEDORA_2011-4870.NASL", "FEDORA_2011-9091.NASL", "DEBIAN_DSA-2280.NASL", "FEDORA_2011-9062.NASL", "SUSE_11_XEN-201105-110505.NASL", "GENTOO_GLSA-201202-07.NASL", "SUSE_11_4_XEN-201105-110510.NASL", "UBUNTU_USN-1152-1.NASL"]}, {"type": "cve", "idList": ["CVE-2011-1486", "CVE-2011-2178", "CVE-2011-1146", "CVE-2011-2511"]}, {"type": "fedora", "idList": ["FEDORA:BC0FE110B14", "FEDORA:541071110D8", "FEDORA:C9820110ACB", "FEDORA:CAECE110D4F", "FEDORA:79E5C110A75"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1197", "ELSA-2011-1019", "ELSA-2011-0391"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26570", "SECURITYVULNS:VULN:11743", "SECURITYVULNS:VULN:11800", "SECURITYVULNS:DOC:26676", "SECURITYVULNS:DOC:25984", "SECURITYVULNS:VULN:11525"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2194-1:BEA3B", "DEBIAN:DSA-2280-1:ECE34", "DEBIAN:BSA-052:2E8C1"]}, {"type": "ubuntu", "idList": ["USN-1180-1", "USN-1152-1", "USN-1094-1"]}, {"type": "centos", "idList": ["CESA-2011:0391", "CESA-2011:1019"]}, {"type": "redhat", "idList": ["RHSA-2011:0391", "RHSA-2011:1197", "RHSA-2011:1019"]}], "modified": "2017-07-24T12:51:20", "rev": 2}, "vulnersScore": 7.3}, "pluginID": "71182", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities were found in libvirt, the worst of which\n might allow guest OS users to read arbitrary files on the host OS.\";\ntag_solution = \"All libvirt users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/libvirt-0.9.3-r1'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201202-07\nhttp://bugs.gentoo.org/show_bug.cgi?id=358877\nhttp://bugs.gentoo.org/show_bug.cgi?id=372963\nhttp://bugs.gentoo.org/show_bug.cgi?id=373991\nhttp://bugs.gentoo.org/show_bug.cgi?id=386287\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201202-07.\";\n\n \n \nif(description)\n{\n script_id(71182);\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1486\", \"CVE-2011-2178\", \"CVE-2011-2511\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:34 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201202-07 (libvirt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"app-emulation/libvirt\", unaffected: make_list(\"ge 0.9.3-r1\"), vulnerable: make_list(\"lt 0.9.3-r1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Gentoo Local Security Checks"}
{"cve": [{"lastseen": "2020-12-09T19:39:08", "description": "Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.", "edition": 5, "cvss3": {}, "published": "2011-08-10T20:55:00", "title": "CVE-2011-2511", "type": "cve", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2511"], "modified": "2017-08-29T01:29:00", "cpe": ["cpe:/a:redhat:libvirt:0.0.1", "cpe:/a:redhat:libvirt:0.8.2", "cpe:/a:redhat:libvirt:0.8.4", "cpe:/a:redhat:libvirt:0.4.5", "cpe:/a:redhat:libvirt:0.9.2", "cpe:/a:redhat:libvirt:0.7.6", "cpe:/a:redhat:libvirt:0.9.1", "cpe:/a:redhat:libvirt:0.7.5", "cpe:/a:redhat:libvirt:0.5.1", "cpe:/a:redhat:libvirt:0.9.0", "cpe:/a:redhat:libvirt:0.3.1", "cpe:/a:redhat:libvirt:0.1.3", "cpe:/a:redhat:libvirt:0.2.1", "cpe:/a:redhat:libvirt:0.6.0", "cpe:/a:redhat:libvirt:0.8.3", "cpe:/a:redhat:libvirt:0.8.6", "cpe:/a:redhat:libvirt:0.4.1", "cpe:/a:redhat:libvirt:0.7.0", "cpe:/a:redhat:libvirt:0.0.4", "cpe:/a:redhat:libvirt:0.1.5", "cpe:/a:redhat:libvirt:0.4.4", "cpe:/a:redhat:libvirt:0.8.1", "cpe:/a:redhat:libvirt:0.0.5", "cpe:/a:redhat:libvirt:0.0.3", "cpe:/a:redhat:libvirt:0.2.2", "cpe:/a:redhat:libvirt:0.1.4", "cpe:/a:redhat:libvirt:0.6.2", "cpe:/a:redhat:libvirt:0.3.0", "cpe:/a:redhat:libvirt:0.4.6", "cpe:/a:redhat:libvirt:0.7.7", "cpe:/a:redhat:libvirt:0.1.7", "cpe:/a:redhat:libvirt:0.2.0", "cpe:/a:redhat:libvirt:0.4.2", "cpe:/a:redhat:libvirt:0.0.2", "cpe:/a:redhat:libvirt:0.6.3", "cpe:/a:redhat:libvirt:0.7.4", "cpe:/a:redhat:libvirt:0.8.0", "cpe:/a:redhat:libvirt:0.0.6", "cpe:/a:redhat:libvirt:0.4.3", "cpe:/a:redhat:libvirt:0.5.0", "cpe:/a:redhat:libvirt:0.2.3", "cpe:/a:redhat:libvirt:0.6.1", "cpe:/a:redhat:libvirt:0.1.9", "cpe:/a:redhat:libvirt:0.1.6", "cpe:/a:redhat:libvirt:0.8.8", "cpe:/a:redhat:libvirt:0.7.1", "cpe:/a:redhat:libvirt:0.3.2", "cpe:/a:redhat:libvirt:0.4.0", "cpe:/a:redhat:libvirt:0.1.0", "cpe:/a:redhat:libvirt:0.8.5", "cpe:/a:redhat:libvirt:0.7.2", "cpe:/a:redhat:libvirt:0.7.3", "cpe:/a:redhat:libvirt:0.6.5", "cpe:/a:redhat:libvirt:0.8.7", "cpe:/a:redhat:libvirt:0.6.4", "cpe:/a:redhat:libvirt:0.1.1", "cpe:/a:redhat:libvirt:0.1.8", "cpe:/a:redhat:libvirt:0.3.3"], "id": "CVE-2011-2511", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2511", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.4:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:39:28", "description": "The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of \"security manager private data\" that \"reopens disk probing\" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.", "edition": 3, "cvss3": {}, "published": "2011-08-10T20:55:00", "title": "CVE-2011-2178", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 2.7, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.4, "vectorString": "AV:L/AC:M/Au:S/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2178"], "modified": "2012-08-02T04:00:00", "cpe": ["cpe:/a:redhat:libvirt:0.9.1", "cpe:/a:redhat:libvirt:0.9.0", "cpe:/a:redhat:libvirt:0.8.8"], "id": "CVE-2011-2178", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2178", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:C/I:N/A:N"}, "cpe23": ["cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*"]}, {"lastseen": "2020-10-03T11:39:25", "description": "libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.", "edition": 3, "cvss3": {}, "published": "2011-03-15T17:55:00", "title": "CVE-2011-1146", "type": "cve", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1146"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:redhat:libvirt:0.8.8"], "id": "CVE-2011-1146", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1146", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T19:39:06", "description": "libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.", "edition": 5, "cvss3": {}, "published": "2011-05-31T20:55:00", "title": "CVE-2011-1486", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 3.3, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1486"], "modified": "2011-08-12T02:44:00", "cpe": ["cpe:/a:redhat:libvirt:0.0.1", "cpe:/a:redhat:libvirt:0.8.2", "cpe:/a:redhat:libvirt:0.8.4", "cpe:/a:redhat:libvirt:0.4.5", "cpe:/a:redhat:libvirt:0.7.6", "cpe:/a:redhat:libvirt:0.7.5", "cpe:/a:redhat:libvirt:0.5.1", "cpe:/a:redhat:libvirt:0.3.1", "cpe:/a:redhat:libvirt:0.1.3", "cpe:/a:redhat:libvirt:0.2.1", "cpe:/a:redhat:libvirt:0.6.0", "cpe:/a:redhat:libvirt:0.8.3", "cpe:/a:redhat:libvirt:0.8.6", "cpe:/a:redhat:libvirt:0.4.1", "cpe:/a:redhat:libvirt:0.7.0", "cpe:/a:redhat:libvirt:0.0.4", "cpe:/a:redhat:libvirt:0.1.5", "cpe:/a:redhat:libvirt:0.4.4", "cpe:/a:redhat:libvirt:0.8.1", "cpe:/a:redhat:libvirt:0.0.5", "cpe:/a:redhat:libvirt:0.0.3", "cpe:/a:redhat:libvirt:0.2.2", "cpe:/a:redhat:libvirt:0.1.4", "cpe:/a:redhat:libvirt:0.6.2", "cpe:/a:redhat:libvirt:0.3.0", "cpe:/a:redhat:libvirt:0.4.6", "cpe:/a:redhat:libvirt:0.7.7", "cpe:/a:redhat:libvirt:0.1.7", "cpe:/a:redhat:libvirt:0.2.0", "cpe:/a:redhat:libvirt:0.4.2", "cpe:/a:redhat:libvirt:0.0.2", "cpe:/a:redhat:libvirt:0.6.3", "cpe:/a:redhat:libvirt:0.7.4", "cpe:/a:redhat:libvirt:0.8.0", "cpe:/a:redhat:libvirt:0.0.6", "cpe:/a:redhat:libvirt:0.4.3", "cpe:/a:redhat:libvirt:0.5.0", "cpe:/a:redhat:libvirt:0.2.3", "cpe:/a:redhat:libvirt:0.6.1", "cpe:/a:redhat:libvirt:0.1.9", "cpe:/a:redhat:libvirt:0.1.6", "cpe:/a:redhat:libvirt:0.8.8", "cpe:/a:redhat:libvirt:0.7.1", "cpe:/a:redhat:libvirt:0.3.2", "cpe:/a:redhat:libvirt:0.4.0", "cpe:/a:redhat:libvirt:0.1.0", "cpe:/a:redhat:libvirt:0.8.5", "cpe:/a:redhat:libvirt:0.7.2", "cpe:/a:redhat:libvirt:0.7.3", "cpe:/a:redhat:libvirt:0.6.5", "cpe:/a:redhat:libvirt:0.8.7", "cpe:/a:redhat:libvirt:0.6.4", "cpe:/a:redhat:libvirt:0.1.1", "cpe:/a:redhat:libvirt:0.1.8", "cpe:/a:redhat:libvirt:0.3.3"], "id": "CVE-2011-1486", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1486", "cvss": {"score": 3.3, "vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:redhat:libvirt:0.4.4:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:38:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511", "CVE-2011-2178", "CVE-2011-1146"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201202-07.", "modified": "2018-10-12T00:00:00", "published": "2012-03-12T00:00:00", "id": "OPENVAS:136141256231071182", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071182", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201202-07 (libvirt)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201202_07.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71182\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1486\", \"CVE-2011-2178\", \"CVE-2011-2511\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:34 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201202-07 (libvirt)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were found in libvirt, the worst of which\n might allow guest OS users to read arbitrary files on the host OS.\");\n script_tag(name:\"solution\", value:\"All libvirt users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/libvirt-0.9.3-r1'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201202-07\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=358877\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=372963\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373991\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=386287\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201202-07.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"app-emulation/libvirt\", unaffected: make_list(\"ge 0.9.3-r1\"), vulnerable: make_list(\"lt 0.9.3-r1\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511", "CVE-2011-1146"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-07-27T00:00:00", "id": "OPENVAS:1361412562310863370", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863370", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-9062", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-9062\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863370\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-9062\");\n script_cve_id(\"CVE-2011-2511\", \"CVE-2011-1486\", \"CVE-2011-1146\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-9062\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"libvirt on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.3~10.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511", "CVE-2011-1146"], "description": "Check for the Version of libvirt", "modified": "2017-07-10T00:00:00", "published": "2011-07-27T00:00:00", "id": "OPENVAS:863370", "href": "http://plugins.openvas.org/nasl.php?oid=863370", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-9062", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-9062\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libvirt on Fedora 14\";\ntag_insight = \"Libvirt is a C toolkit to interact with the virtualization capabilities\n of recent versions of Linux (and other OSes). The main package includes\n the libvirtd server exporting the virtualization support.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html\");\n script_id(863370);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-27 14:47:11 +0200 (Wed, 27 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-9062\");\n script_cve_id(\"CVE-2011-2511\", \"CVE-2011-1486\", \"CVE-2011-1146\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-9062\");\n\n script_summary(\"Check for the Version of libvirt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.3~10.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:28", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2511", "CVE-2011-2178"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:1361412562310863350", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863350", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-9091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-9091\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863350\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:S/C:C/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-9091\");\n script_cve_id(\"CVE-2011-2178\", \"CVE-2011-2511\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-9091\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"libvirt on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.8~7.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2017-07-25T10:55:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2511", "CVE-2011-2178"], "description": "Check for the Version of libvirt", "modified": "2017-07-10T00:00:00", "published": "2011-07-18T00:00:00", "id": "OPENVAS:863350", "href": "http://plugins.openvas.org/nasl.php?oid=863350", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-9091", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-9091\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libvirt on Fedora 15\";\ntag_insight = \"Libvirt is a C toolkit to interact with the virtualization capabilities\n of recent versions of Linux (and other OSes). The main package includes\n the libvirtd server exporting the virtualization support.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html\");\n script_id(863350);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-07-18 15:23:56 +0200 (Mon, 18 Jul 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.4\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:S/C:C/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-9091\");\n script_cve_id(\"CVE-2011-2178\", \"CVE-2011-2511\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-9091\");\n\n script_summary(\"Check for the Version of libvirt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.8~7.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:40:02", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511"], "description": "The remote host is missing an update to libvirt\nannounced via advisory DSA 2280-1.", "modified": "2019-03-18T00:00:00", "published": "2011-08-03T00:00:00", "id": "OPENVAS:136141256231069989", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069989", "type": "openvas", "title": "Debian Security Advisory DSA 2280-1 (libvirt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2280_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2280-1 (libvirt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69989\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-2511\", \"CVE-2011-1486\");\n script_name(\"Debian Security Advisory DSA 2280-1 (libvirt)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|5)\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202280-1\");\n script_tag(name:\"insight\", value:\"It was discovered that libvirt, a library for interfacing with different\nvirtualization systems, is prone to an integer overflow (CVE-2011-2511).\nAdditionally, the stable version is prone to a denial of service,\nbecause its error reporting is not thread-safe (CVE-2011-1486).\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.8.3-5+squeeze2.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.4.6-10+lenny2.\n\nFor the testing distribution (wheezy), these problems will fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.9.2-7).\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your libvirt packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to libvirt\nannounced via advisory DSA 2280-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt-doc\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt0-dbg\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt-doc\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libvirt0-dbg\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:55:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511"], "description": "The remote host is missing an update to libvirt\nannounced via advisory DSA 2280-1.", "modified": "2017-07-07T00:00:00", "published": "2011-08-03T00:00:00", "id": "OPENVAS:69989", "href": "http://plugins.openvas.org/nasl.php?oid=69989", "type": "openvas", "title": "Debian Security Advisory DSA 2280-1 (libvirt)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2280_1.nasl 6613 2017-07-07 12:08:40Z cfischer $\n# Description: Auto-generated from advisory DSA 2280-1 (libvirt)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that libvirt, a library for interfacing with different\nvirtualization systems, is prone to an integer overflow (CVE-2011-2511).\nAdditionally, the stable version is prone to a denial of service,\nbecause its error reporting is not thread-safe (CVE-2011-1486).\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.8.3-5+squeeze2.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.4.6-10+lenny2.\n\nFor the testing distribution (wheezy), these problems will fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.9.2-7).\n\n\nWe recommend that you upgrade your libvirt packages.\";\ntag_summary = \"The remote host is missing an update to libvirt\nannounced via advisory DSA 2280-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202280-1\";\n\n\nif(description)\n{\n script_id(69989);\n script_version(\"$Revision: 6613 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:40 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-08-03 04:36:20 +0200 (Wed, 03 Aug 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_cve_id(\"CVE-2011-2511\", \"CVE-2011-1486\");\n script_name(\"Debian Security Advisory DSA 2280-1 (libvirt)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt-doc\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt0-dbg\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.8.3-5+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt-bin\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt-dev\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt-doc\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt0\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libvirt0-dbg\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python-libvirt\", ver:\"0.4.6-10+lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1146"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-04-19T00:00:00", "id": "OPENVAS:1361412562310862977", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862977", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-4896", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-4896\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057846.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862977\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-19 07:58:39 +0200 (Tue, 19 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-4896\");\n script_cve_id(\"CVE-2011-1486\", \"CVE-2011-1146\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-4896\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"libvirt on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.3~9.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1146"], "description": "Check for the Version of libvirt", "modified": "2017-07-10T00:00:00", "published": "2011-04-19T00:00:00", "id": "OPENVAS:862977", "href": "http://plugins.openvas.org/nasl.php?oid=862977", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-4896", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-4896\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"libvirt on Fedora 14\";\ntag_insight = \"Libvirt is a C toolkit to interact with the virtualization capabilities\n of recent versions of Linux (and other OSes). The main package includes\n the libvirtd server exporting the virtualization support.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057846.html\");\n script_id(862977);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-19 07:58:39 +0200 (Tue, 19 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-4896\");\n script_cve_id(\"CVE-2011-1486\", \"CVE-2011-1146\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-4896\");\n\n script_summary(\"Check for the Version of libvirt\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.3~9.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:35", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1146"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-04-21T00:00:00", "id": "OPENVAS:1361412562310862994", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862994", "type": "openvas", "title": "Fedora Update for libvirt FEDORA-2011-4870", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libvirt FEDORA-2011-4870\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-April/058464.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862994\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-04-21 08:14:46 +0200 (Thu, 21 Apr 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-4870\");\n script_cve_id(\"CVE-2011-1486\", \"CVE-2011-1146\");\n script_name(\"Fedora Update for libvirt FEDORA-2011-4870\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libvirt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"libvirt on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"libvirt\", rpm:\"libvirt~0.8.2~6.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:09", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1486", "CVE-2011-2511", "CVE-2011-2178", "CVE-2011-1146"], "description": "### Background\n\nlibvirt is a C toolkit to manipulate virtual machines.\n\n### Description\n\nMultiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nThese vulnerabilities allow a remote attacker to cause a Denial of Service condition on the host server or libvirt daemon, or might allow guest OS users to read arbitrary files on the host OS. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll libvirt users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/libvirt-0.9.3-r1\"", "edition": 1, "modified": "2012-02-27T00:00:00", "published": "2012-02-27T00:00:00", "id": "GLSA-201202-07", "href": "https://security.gentoo.org/glsa/201202-07", "type": "gentoo", "title": "libvirt: Multiple vulnerabilities", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-07T10:53:27", "description": "The remote host is affected by the vulnerability described in GLSA-201202-07\n(libvirt: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libvirt. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n These vulnerabilities allow a remote attacker to cause a Denial of\n Service condition on the host server or libvirt daemon, or might allow\n guest OS users to read arbitrary files on the host OS.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 21, "published": "2012-02-28T00:00:00", "title": "GLSA-201202-07 : libvirt: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511", "CVE-2011-2178", "CVE-2011-1146"], "modified": "2012-02-28T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:libvirt"], "id": "GENTOO_GLSA-201202-07.NASL", "href": "https://www.tenable.com/plugins/nessus/58139", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201202-07.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58139);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1486\", \"CVE-2011-2178\", \"CVE-2011-2511\");\n script_bugtraq_id(46820, 47148, 48321, 48478);\n script_xref(name:\"GLSA\", value:\"201202-07\");\n\n script_name(english:\"GLSA-201202-07 : libvirt: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201202-07\n(libvirt: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in libvirt. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n These vulnerabilities allow a remote attacker to cause a Denial of\n Service condition on the host server or libvirt daemon, or might allow\n guest OS users to read arbitrary files on the host OS.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201202-07\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All libvirt users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/libvirt-0.9.3-r1'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/libvirt\", unaffected:make_list(\"ge 0.9.3-r1\"), vulnerable:make_list(\"lt 0.9.3-r1\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:09:46", "description": "CVE-2011-2511, integer overflow in VirDomainGetVcpus\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-07-25T00:00:00", "title": "Fedora 14 : libvirt-0.8.3-10.fc14 (2011-9062)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2511", "CVE-2011-1146"], "modified": "2011-07-25T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:libvirt"], "id": "FEDORA_2011-9062.NASL", "href": "https://www.tenable.com/plugins/nessus/55656", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9062.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55656);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-2511\");\n script_bugtraq_id(48478);\n script_xref(name:\"FEDORA\", value:\"2011-9062\");\n\n script_name(english:\"Fedora 14 : libvirt-0.8.3-10.fc14 (2011-9062)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2011-2511, integer overflow in VirDomainGetVcpus\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=717204\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?27165ca5\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"libvirt-0.8.3-10.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:09:46", "description": "Fix for CVE-2011-2178, regression introduced in disk probe logic,\n\nFix for CVE-2011-2511, integer overflow in VirDomainGetVcpus\n\nMake commandtest more robust,\n\nAdd ARM to NUMA excludes\n\nAdd several build and runtime dependencies to specfile\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-07-12T00:00:00", "title": "Fedora 15 : libvirt-0.8.8-7.fc15 (2011-9091)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-2511", "CVE-2011-2178"], "modified": "2011-07-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:15", "p-cpe:/a:fedoraproject:fedora:libvirt"], "id": "FEDORA_2011-9091.NASL", "href": "https://www.tenable.com/plugins/nessus/55561", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-9091.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55561);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2178\", \"CVE-2011-2511\");\n script_bugtraq_id(48321, 48478);\n script_xref(name:\"FEDORA\", value:\"2011-9091\");\n\n script_name(english:\"Fedora 15 : libvirt-0.8.8-7.fc15 (2011-9091)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2011-2178, regression introduced in disk probe logic,\n\nFix for CVE-2011-2511, integer overflow in VirDomainGetVcpus\n\nMake commandtest more robust,\n\nAdd ARM to NUMA excludes\n\nAdd several build and runtime dependencies to specfile\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=680270\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=709775\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=717204\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a0f11553\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"libvirt-0.8.8-7.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2021-01-06T09:46:44", "description": "It was discovered that libvirt, a library for interfacing with\ndifferent virtualization systems, is prone to an integer overflow\n(CVE-2011-2511 ). Additionally, the stable version is prone to a\ndenial of service, because its error reporting is not thread-safe\n(CVE-2011-1486 ).", "edition": 16, "published": "2011-07-20T00:00:00", "title": "Debian DSA-2280-1 : libvirt - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-2511"], "modified": "2011-07-20T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:libvirt", "cpe:/o:debian:debian_linux:5.0"], "id": "DEBIAN_DSA-2280.NASL", "href": "https://www.tenable.com/plugins/nessus/55625", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2280. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55625);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-1486\", \"CVE-2011-2511\");\n script_bugtraq_id(47148, 48478);\n script_xref(name:\"DSA\", value:\"2280\");\n\n script_name(english:\"Debian DSA-2280-1 : libvirt - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libvirt, a library for interfacing with\ndifferent virtualization systems, is prone to an integer overflow\n(CVE-2011-2511 ). Additionally, the stable version is prone to a\ndenial of service, because its error reporting is not thread-safe\n(CVE-2011-1486 ).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-2511\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2011-1486\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/libvirt\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2280\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libvirt packages.\n\nFor the stable distribution (squeeze), these problems have been fixed\nin version 0.8.3-5+squeeze2.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.4.6-10+lenny2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/07/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"libvirt\", reference:\"0.4.6-10+lenny2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libvirt-bin\", reference:\"0.8.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libvirt-dev\", reference:\"0.8.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libvirt-doc\", reference:\"0.8.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libvirt0\", reference:\"0.8.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libvirt0-dbg\", reference:\"0.8.3-5+squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"python-libvirt\", reference:\"0.8.3-5+squeeze2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2021-01-12T10:09:31", "description": "Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe\nFix specfil to create /var/lib/libvirt with proper permissions. fix a\nlack of API check on read-only connections this build fix one crash in\nthe the error handling fix a lack of API check on read-only\nconnections\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 25, "published": "2011-04-12T00:00:00", "title": "Fedora 14 : libvirt-0.8.3-9.fc14 (2011-4896)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1146"], "modified": "2011-04-12T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:libvirt"], "id": "FEDORA_2011-4896.NASL", "href": "https://www.tenable.com/plugins/nessus/53368", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-4896.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53368);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1486\");\n script_bugtraq_id(46820, 47148);\n script_xref(name:\"FEDORA\", value:\"2011-4896\");\n\n script_name(english:\"Fedora 14 : libvirt-0.8.3-9.fc14 (2011-4896)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe\nFix specfil to create /var/lib/libvirt with proper permissions. fix a\nlack of API check on read-only connections this build fix one crash in\nthe the error handling fix a lack of API check on read-only\nconnections\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=683650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=693391\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-April/057846.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?56142901\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"libvirt-0.8.3-9.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:09:31", "description": "Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe\nFix specfile to create /var/lib/libvirt with proper permissions. fix a\nlack of API check on read-only connections this build fix one crash in\nthe the error handling fix a lack of API check on read-only\nconnections\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 23, "published": "2011-04-19T00:00:00", "title": "Fedora 13 : libvirt-0.8.2-6.fc13 (2011-4870)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1146"], "modified": "2011-04-19T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:libvirt"], "id": "FEDORA_2011-4870.NASL", "href": "https://www.tenable.com/plugins/nessus/53479", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-4870.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(53479);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1486\");\n script_bugtraq_id(46820, 47148);\n script_xref(name:\"FEDORA\", value:\"2011-4870\");\n\n script_name(english:\"Fedora 13 : libvirt-0.8.2-6.fc13 (2011-4870)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for CVE-2011-1486, error reporting in libvirtd is not thread safe\nFix specfile to create /var/lib/libvirt with proper permissions. fix a\nlack of API check on read-only connections this build fix one crash in\nthe the error handling fix a lack of API check on read-only\nconnections\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=683650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=693391\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-April/058464.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ebc021c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/04/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/04/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"libvirt-0.8.2-6.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-01T06:35:10", "description": "It was discovered that libvirt did not use thread-safe error\nreporting. A remote attacker could exploit this to cause a denial of\nservice via application crash. (CVE-2011-1486)\n\nEric Blake discovered that libvirt had an off-by-one error which could\nbe used to reopen disk probing and bypass the fix for CVE-2010-2238. A\nprivileged attacker in the guest could exploit this to read arbitrary\nfiles on the host. This issue only affected Ubuntu 11.04. By default,\nguests are confined by an AppArmor profile which provided partial\nprotection against this flaw. (CVE-2011-2178).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2011-06-17T00:00:00", "title": "Ubuntu 10.04 LTS / 10.10 / 11.04 : libvirt vulnerabilities (USN-1152-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2010-2238", "CVE-2011-2178"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libvirt-bin", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:libvirt0", "cpe:/o:canonical:ubuntu_linux:10.10"], "id": "UBUNTU_USN-1152-1.NASL", "href": "https://www.tenable.com/plugins/nessus/55167", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1152-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55167);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2010-2238\", \"CVE-2011-1486\", \"CVE-2011-2178\");\n script_bugtraq_id(47148);\n script_xref(name:\"USN\", value:\"1152-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 10.10 / 11.04 : libvirt vulnerabilities (USN-1152-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that libvirt did not use thread-safe error\nreporting. A remote attacker could exploit this to cause a denial of\nservice via application crash. (CVE-2011-1486)\n\nEric Blake discovered that libvirt had an off-by-one error which could\nbe used to reopen disk probing and bypass the fix for CVE-2010-2238. A\nprivileged attacker in the guest could exploit this to read arbitrary\nfiles on the host. This issue only affected Ubuntu 11.04. By default,\nguests are confined by an AppArmor profile which provided partial\nprotection against this flaw. (CVE-2011-2178).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1152-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libvirt-bin and / or libvirt0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:S/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libvirt0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2010/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libvirt-bin\", pkgver:\"0.7.5-5ubuntu27.13\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libvirt0\", pkgver:\"0.7.5-5ubuntu27.13\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libvirt-bin\", pkgver:\"0.8.3-1ubuntu18\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"libvirt0\", pkgver:\"0.8.3-1ubuntu18\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libvirt-bin\", pkgver:\"0.8.8-1ubuntu6.2\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"libvirt0\", pkgver:\"0.8.8-1ubuntu6.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libvirt-bin / libvirt0\");\n}\n", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2021-01-17T14:08:21", "description": "Collective May/2011 update for Xen\n\nXen :\n\n - 691238 - L3: question on behaviour change xm list\n\n - 623680 - xen kernel freezes during boot when processor\n module is loaded\n\n - 680824 - dom0 can't recognize boot disk when IOMMU is\n enabled\n\n - 688473 - VUL-0: potential buffer overflow in tools\n\n - 679344 - VUL-0: Xen: multi-vCPU pv guest may crash host\n\n - 687981 - L3: mistyping model type when defining VIF\n crashes\n\n - 675817 - Kernel panic when creating HVM guests on AMD\n platforms with XSAVE\n\n - 678871 - dom0 hangs long time when starting hvm guests\n with memory >= 64GB\n\n - 675363 - Random lockups with kernel-xen. Possibly\n graphics related\n\n - 678229 - restore of sles HVM fails\n\n - 672833 - xen-tools bug causing problems with Ubuntu\n 10.10 under Xen 4.\n\n - 665610 - xm console > 1 to same VM messes up both\n consoles\n\nvm-install :\n\n - 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN -\n kernel panic\n\n - 678152 - Xen: virt-manager: harmless block device admin\n actions on FV guests mess up network (VIF) device type\n ==> network lost.", "edition": 25, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : xen-201105 (openSUSE-SU-2011:0580-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1166", "CVE-2011-1583", "CVE-2011-1146"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:vm-install", "p-cpe:/a:novell:opensuse:xen-kmp-pae", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-doc-pdf", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-kmp-default", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_XEN-201105-110510.NASL", "href": "https://www.tenable.com/plugins/nessus/75776", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xen-201105-4525.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75776);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1166\", \"CVE-2011-1486\", \"CVE-2011-1583\");\n\n script_name(english:\"openSUSE Security Update : xen-201105 (openSUSE-SU-2011:0580-1)\");\n script_summary(english:\"Check for the xen-201105-4525 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Collective May/2011 update for Xen\n\nXen :\n\n - 691238 - L3: question on behaviour change xm list\n\n - 623680 - xen kernel freezes during boot when processor\n module is loaded\n\n - 680824 - dom0 can't recognize boot disk when IOMMU is\n enabled\n\n - 688473 - VUL-0: potential buffer overflow in tools\n\n - 679344 - VUL-0: Xen: multi-vCPU pv guest may crash host\n\n - 687981 - L3: mistyping model type when defining VIF\n crashes\n\n - 675817 - Kernel panic when creating HVM guests on AMD\n platforms with XSAVE\n\n - 678871 - dom0 hangs long time when starting hvm guests\n with memory >= 64GB\n\n - 675363 - Random lockups with kernel-xen. Possibly\n graphics related\n\n - 678229 - restore of sles HVM fails\n\n - 672833 - xen-tools bug causing problems with Ubuntu\n 10.10 under Xen 4.\n\n - 665610 - xm console > 1 to same VM messes up both\n consoles\n\nvm-install :\n\n - 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN -\n kernel panic\n\n - 678152 - Xen: virt-manager: harmless block device admin\n actions on FV guests mess up network (VIF) device type\n ==> network lost.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=623680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=665610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=672833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=679344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=680824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=687981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=691238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-05/msg00066.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen-201105 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vm-install\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"vm-install-0.4.30-0.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-4.0.1_21326_08-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-devel-4.0.1_21326_08-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-doc-html-4.0.1_21326_08-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-doc-pdf-4.0.1_21326_08-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-kmp-default-4.0.1_21326_08_k2.6.34.8_0.2-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-kmp-desktop-4.0.1_21326_08_k2.6.34.8_0.2-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-kmp-pae-4.0.1_21326_08_k2.6.34.8_0.2-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-libs-4.0.1_21326_08-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-tools-4.0.1_21326_08-0.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"xen-tools-domU-4.0.1_21326_08-0.7.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:42:00", "description": "Collective May/2011 update for Xen\n\nXen :\n\n - 679344: Xen: multi-vCPU pv guest may crash host\n\n - 675817: Kernel panic when creating HVM guests on AMD\n platforms with XSAVE\n\n - 678871: dom0 hangs long time when starting hvm guests\n with memory >= 64GB\n\n - 675363: Random lockups with kernel-xen. Possibly\n graphics related\n\n - 678229: restore of sles HVM fails\n\n - 672833: xen-tools bug causing problems with Ubuntu 10.10\n under Xen 4.\n\n - 665610: xm console > 1 to same VM messes up both\n consoles\n\n - 687981: mistyping model type when defining VIF crashes\n VM\n\n - 688473: Fix potential buffer overflow in decode\n\n - 691238: revert accidental behaviour change in xm list\n\n - 680824: dom0 can't recognize boot disk when IOMMU is\n enabled\n\n - 623680: xen kernel freezes during boot when processor\n module is loaded vm-install :\n\n - 678152: virt-manager: harmless block device admin\n actions on FV guests mess up network (VIF) device type\n ==> network lost.\n\n - 688757: SLED10SP4 fully virtualized in SLES10SP4 XEN -\n kernel panic libvirt :\n\n - 674371: qemu aio mode per disk\n\n - 675861: Force FLR on for buggy SR-IOV devices\n\n - 678406: libvirt: several API calls do not honour\n read-only\n\n - 684877: libvirt: error reporting in libvirtd is not\n thread safe\n\n - 686737: virsh: Add option 'model' to attach-interface\n\n - 681546: Fix xmdomain.cfg to libvirt XML format\n conversion\n\n - 688306: Handle support for recent KVM versions", "edition": 24, "published": "2011-06-01T00:00:00", "title": "SuSE 11.1 Security Update : Xen (SAT Patch Number 4491)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1166", "CVE-2011-1583", "CVE-2011-1146"], "modified": "2011-06-01T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:xen-tools", "p-cpe:/a:novell:suse_linux:11:xen-tools-domU", "p-cpe:/a:novell:suse_linux:11:libvirt", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:11:xen", "p-cpe:/a:novell:suse_linux:11:xen-doc-pdf", "p-cpe:/a:novell:suse_linux:11:xen-doc-html", "p-cpe:/a:novell:suse_linux:11:xen-kmp-pae", "p-cpe:/a:novell:suse_linux:11:libvirt-python", "p-cpe:/a:novell:suse_linux:11:xen-libs", "p-cpe:/a:novell:suse_linux:11:vm-install", "p-cpe:/a:novell:suse_linux:11:libvirt-doc", "p-cpe:/a:novell:suse_linux:11:xen-kmp-default"], "id": "SUSE_11_XEN-201105-110505.NASL", "href": "https://www.tenable.com/plugins/nessus/54934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(54934);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1166\", \"CVE-2011-1486\", \"CVE-2011-1583\");\n\n script_name(english:\"SuSE 11.1 Security Update : Xen (SAT Patch Number 4491)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Collective May/2011 update for Xen\n\nXen :\n\n - 679344: Xen: multi-vCPU pv guest may crash host\n\n - 675817: Kernel panic when creating HVM guests on AMD\n platforms with XSAVE\n\n - 678871: dom0 hangs long time when starting hvm guests\n with memory >= 64GB\n\n - 675363: Random lockups with kernel-xen. Possibly\n graphics related\n\n - 678229: restore of sles HVM fails\n\n - 672833: xen-tools bug causing problems with Ubuntu 10.10\n under Xen 4.\n\n - 665610: xm console > 1 to same VM messes up both\n consoles\n\n - 687981: mistyping model type when defining VIF crashes\n VM\n\n - 688473: Fix potential buffer overflow in decode\n\n - 691238: revert accidental behaviour change in xm list\n\n - 680824: dom0 can't recognize boot disk when IOMMU is\n enabled\n\n - 623680: xen kernel freezes during boot when processor\n module is loaded vm-install :\n\n - 678152: virt-manager: harmless block device admin\n actions on FV guests mess up network (VIF) device type\n ==> network lost.\n\n - 688757: SLED10SP4 fully virtualized in SLES10SP4 XEN -\n kernel panic libvirt :\n\n - 674371: qemu aio mode per disk\n\n - 675861: Force FLR on for buggy SR-IOV devices\n\n - 678406: libvirt: several API calls do not honour\n read-only\n\n - 684877: libvirt: error reporting in libvirtd is not\n thread safe\n\n - 686737: virsh: Add option 'model' to attach-interface\n\n - 681546: Fix xmdomain.cfg to libvirt XML format\n conversion\n\n - 688306: Handle support for recent KVM versions\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=623680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=665610\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=672833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=674371\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675817\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675861\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678229\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678406\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678871\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=679344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=680824\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=681546\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=684877\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=686737\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=687981\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688306\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=691238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1146.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1166.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1486.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-1583.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4491.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libvirt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libvirt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libvirt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:vm-install\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/06/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libvirt-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libvirt-doc-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libvirt-python-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"vm-install-0.4.30-0.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"xen-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"xen-kmp-default-4.0.1_21326_08_2.6.32.36_0.5-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"xen-kmp-pae-4.0.1_21326_08_2.6.32.36_0.5-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"xen-libs-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"xen-tools-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"xen-tools-domU-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libvirt-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libvirt-doc-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libvirt-python-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"vm-install-0.4.30-0.3.2\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"xen-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"xen-kmp-default-4.0.1_21326_08_2.6.32.36_0.5-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"xen-libs-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"xen-tools-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"xen-tools-domU-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"libvirt-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"libvirt-doc-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"libvirt-python-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"vm-install-0.4.30-0.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-doc-html-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-doc-pdf-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-kmp-default-4.0.1_21326_08_2.6.32.36_0.5-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-kmp-pae-4.0.1_21326_08_2.6.32.36_0.5-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-libs-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-tools-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"i586\", reference:\"xen-tools-domU-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libvirt-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libvirt-doc-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libvirt-python-0.7.6-1.21.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"vm-install-0.4.30-0.3.2\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-doc-html-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-doc-pdf-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-kmp-default-4.0.1_21326_08_2.6.32.36_0.5-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-libs-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-tools-4.0.1_21326_08-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"xen-tools-domU-4.0.1_21326_08-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:36:50", "description": "Collective May/2011 update for Xen\n\nXen :\n\n - 675363 - Random lockups with kernel-xen. Possibly\n graphics related.\n\n - 679344 - Xen: multi-vCPU pv guest may crash host\n\n - 681044 - update xenpaging.autostart.patch\n\n - 681302 - xm create -x <guest> returns 'ImportError: No\n module named ext'\n\n - 688473 - potential buffer overflow in tools\n\n - 691738 - Xen does not find device create with npiv block\n\nvm-install :\n\n - 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN -\n kernel panic\n\n - 678152 - Xen: virt-manager: harmless block device admin\n actions on FV guests mess up network (VIF) device type\n ==> network lost.\n\n - 631680 - OpenSUSE 11.3 KVM install of windows xp fails\n on first reboot during installation.", "edition": 25, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : xen-201105 (openSUSE-SU-2011:0578-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-1486", "CVE-2011-1166", "CVE-2011-1583", "CVE-2011-1146"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:xen-doc-html", "p-cpe:/a:novell:opensuse:xen-devel", "p-cpe:/a:novell:opensuse:xen-kmp-desktop", "p-cpe:/a:novell:opensuse:vm-install", "p-cpe:/a:novell:opensuse:xen-kmp-pae", "p-cpe:/a:novell:opensuse:xen", "p-cpe:/a:novell:opensuse:xen-tools-debuginfo", "p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:xen-doc-pdf", "p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs", "p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo", "p-cpe:/a:novell:opensuse:xen-libs-debuginfo", "p-cpe:/a:novell:opensuse:xen-debugsource", "p-cpe:/a:novell:opensuse:xen-tools", "p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo", "p-cpe:/a:novell:opensuse:xen-tools-domU", "p-cpe:/a:novell:opensuse:xen-kmp-default"], "id": "SUSE_11_4_XEN-201105-110510.NASL", "href": "https://www.tenable.com/plugins/nessus/76048", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update xen-201105-4534.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76048);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-1146\", \"CVE-2011-1166\", \"CVE-2011-1486\", \"CVE-2011-1583\");\n\n script_name(english:\"openSUSE Security Update : xen-201105 (openSUSE-SU-2011:0578-1)\");\n script_summary(english:\"Check for the xen-201105-4534 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Collective May/2011 update for Xen\n\nXen :\n\n - 675363 - Random lockups with kernel-xen. Possibly\n graphics related.\n\n - 679344 - Xen: multi-vCPU pv guest may crash host\n\n - 681044 - update xenpaging.autostart.patch\n\n - 681302 - xm create -x <guest> returns 'ImportError: No\n module named ext'\n\n - 688473 - potential buffer overflow in tools\n\n - 691738 - Xen does not find device create with npiv block\n\nvm-install :\n\n - 688757 - SLED10SP4 fully virtualized in SLES10SP4 XEN -\n kernel panic\n\n - 678152 - Xen: virt-manager: harmless block device admin\n actions on FV guests mess up network (VIF) device type\n ==> network lost.\n\n - 631680 - OpenSUSE 11.3 KVM install of windows xp fails\n on first reboot during installation.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=631680\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=675363\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=678152\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=679344\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=681044\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=681302\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688473\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=688757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=691238\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=691738\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-05/msg00065.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen-201105 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:vm-install\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-doc-pdf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-desktop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-kmp-pae-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:xen-tools-domU-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/05/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"vm-install-0.4.30-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-debugsource-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-devel-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-doc-html-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-doc-pdf-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-kmp-default-4.0.2_02_k2.6.37.6_0.5-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-kmp-default-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-kmp-desktop-4.0.2_02_k2.6.37.6_0.5-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-kmp-desktop-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-kmp-pae-4.0.2_02_k2.6.37.6_0.5-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-kmp-pae-debuginfo-4.0.2_02_k2.6.37.6_0.5-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-libs-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-libs-debuginfo-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-tools-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-tools-debuginfo-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-tools-domU-4.0.2_02-4.9.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"xen-tools-domU-debuginfo-4.0.2_02-4.9.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146", "CVE-2011-1486", "CVE-2011-2511"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2011-07-22T19:34:03", "published": "2011-07-22T19:34:03", "id": "FEDORA:CAECE110D4F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: libvirt-0.8.3-10.fc14", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2178", "CVE-2011-2511"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2011-07-12T05:00:33", "published": "2011-07-12T05:00:33", "id": "FEDORA:79E5C110A75", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: libvirt-0.8.8-7.fc15", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146", "CVE-2011-1486"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2011-04-18T21:23:20", "published": "2011-04-18T21:23:20", "id": "FEDORA:C9820110ACB", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: libvirt-0.8.2-6.fc13", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146", "CVE-2011-1486"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2011-04-11T21:00:16", "published": "2011-04-11T21:00:16", "id": "FEDORA:BC0FE110B14", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: libvirt-0.8.3-9.fc14", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146"], "description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. ", "modified": "2011-03-19T05:50:43", "published": "2011-03-19T05:50:43", "id": "FEDORA:541071110D8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: libvirt-0.8.8-3.fc15", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:38:40", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2511", "CVE-2011-1146"], "description": "[0.8.2-22.0.1.el5]\n- Replaced docs/et.png in tarball\n[libvirt-0.8.2-22.el5]\n- Fix auditing of disk hotunplug operations (rhbz#710151)\n[libvirt-0.8.2-21.el5]\n- remote: Protect against integer overflow (rhbz#717207)\n[0.8.2-20.el5]\n- Support enabling or disabling the HPET for Xen domains (rhbz#703193)\n- SMBIOS support (rhbz#661365)\n[0.8.2-19.el5]\n- xen: Plug memory leak in multiple serial ports support (rhbz#670789)\n- Manually kill gzip if restore fails before starting qemu (rhbz#681623)\n- qemu: Avoid double close on domain restore (rhbz#681623)\n- virterror: Avoid API breakage with vmware (rhbz#665075)\n- nwfilter: Resolve deadlock between VM ops and filter update (rhbz#697749)\n[0.8.2-18.el5]\n- xen: Prevent updating device when attaching a device (rhbz#662908)\n- Add PCI sysfs reset access (rhbz#689880)\n- xencapstest: Don't fail when Xen is installed (rhbz#690459)\n- Make error reporting in libvirtd thread safe (rhbz#690733)\n[0.8.2-17.el5]\n- Fix event-handling data race (rhbz#671569)\n- Add support for multiple serial ports into the Xen driver (rhbz#670789)\n- Add missing checks for read only connections (CVE-2011-1146)\n- Guess rhel macro based on dist macro (rhbz#665325)\n[0.8.2-16.el5]\n- Fix possible crash in virExec (rhbz#665549)", "edition": 4, "modified": "2011-07-31T00:00:00", "published": "2011-07-31T00:00:00", "id": "ELSA-2011-1019", "href": "http://linux.oracle.com/errata/ELSA-2011-1019.html", "title": "libvirt security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:38:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2511"], "description": "[0.8.7-18.0.1.el6_1.1 ]\n- Replace docs/et.png in tarball with blank image\n[libvirt-0.8.7-18.el6_1.1]\n- debug: Avoid null dereference on uuid lookup api (rhbz#728546)\n- Fix auditing of disk hotunplug operations (rhbz#728516)\n- storage: Fix regression with backing format (rhbz#726617)\n- Fix performance problem of virStorageVolCreateXMLFrom() (rhbz#715400)\n- qemu: Translate boot config into bootindex if possible (rhbz#715401)\n- remote: Protect against integer overflow (rhbz#717202)\nResolves: rhbz#728546, rhbz#728516, rhbz#715400, rhbz#715401, rhbz#717202\nResolves: rhbz#726617", "edition": 4, "modified": "2011-08-23T00:00:00", "published": "2011-08-23T00:00:00", "id": "ELSA-2011-1197", "href": "http://linux.oracle.com/errata/ELSA-2011-1197.html", "title": "libvirt security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:34:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146"], "description": "[0.8.1-27.0.1.el6_0.5]\n- Replace docs/et.png in tarball with blank image\n[0.8.1-27.el6_0.5]\n- Properly report error in virConnectDomainXMLToNative (CVE-2011-1146)\n[0.8.1-27.el6_0.4]\n- Add missing checks for read-only connections (CVE-2011-1146)\n[0.8.1-27.el6_0.3]\n- Remove patches not suitable for proper Z-stream:\n - Export host information through SMBIOS to guests (rhbz#652678)\n - Support forcing a CDROM eject (rhbz#658147)\n- Plug several memory leaks (rhbz#672549)\n- Avoid memory overhead of matchpathcon (rhbz#672554)\n- Do not start libvirt-guests if that service is off (rhbz#668694)\n[0.8.1-27.el6_0.2]\n- spec file cleanups (rhbz#662045)\n- Fix deadlock on concurrent multiple bidirectional migration (rhbz#662043)\n- Fix off-by-one error in clock-variable (rhbz#662046)\n- Export host information through SMBIOS to guests (rhbz#652678)\n- Ensure device is deleted from guest after unplug (rhbz#662041)\n- Distinguish between QEMU domain shutdown and crash (rhbz#662042)\n[0.8.1-27.el6_0.1]\n- Fix JSON migrate_set_downtime command (rhbz#658143)\n- Make SASL work over UNIX domain sockets (rhbz#658144)\n- Let qemu group look below /var/lib/libvirt/qemu/ (rhbz#656972)\n- Fix save/restore on root_squashed NFS (rhbz#656355)\n- Fix race on multiple migration (rhbz#658141)\n- Export host information through SMBIOS to guests (rhbz#652678)\n- Support forcing a CDROM eject (rhbz#658147)", "edition": 4, "modified": "2011-03-28T00:00:00", "published": "2011-03-28T00:00:00", "id": "ELSA-2011-0391", "href": "http://linux.oracle.com/errata/ELSA-2011-0391.html", "title": "libvirt security update", "type": "oraclelinux", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:13", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1486", "CVE-2011-2511"], "description": "Guido G\u00fcnther uploaded new packages for libvirt which fixed the\nfollowing security problems:\n\nCVE-2011-2511\n Integer overflow in VirDomainGetVcpus\n\nCVE-2011-1486\n Non thread safe error reporting\n\nFor the squeeze-backports distribution the problems have been fixed in\nversion 0.9.2-7~bpo60+1.\n\nFor the lenny-backports distribution the problems have been fixed in\nversion 0.8.3-5+squeeze2~bpo50+2.\n\nFor lenny-backports only:\n\nIf you don't use pinning (see [1]) you have to update the package\nmanually via "apt-get -t lenny-backports install <packagelist>" with\nthe packagelist of your installed packages affected by this update.\n[1] <http://backports.debian.org/Instructions>\n\nWe recommend to pin (in /etc/apt/preferences) the backports repository to\n200 so that new versions of installed backports will be installed\nautomatically. \n\n Package: *\n Pin: release a=lenny-backports\n Pin-Priority: 200\n\n", "edition": 2, "modified": "2011-11-11T11:47:13", "published": "2011-11-11T11:47:13", "id": "DEBIAN:BSA-052:2E8C1", "href": "https://lists.debian.org/debian-backports-announce/2011/debian-backports-announce-201111/msg00000.html", "title": "[BSA-052] Security Update for libvirt", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:23:53", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1486", "CVE-2011-2511"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2280-1 security@debian.org\nhttp://www.debian.org/security/ Steffen Joeris\nJuly 19, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libvirt\nVulnerability : several\nProblem type : remote\nDebian-specific: no\nCVE IDs : CVE-2011-2511 CVE-2011-1486\nDebian Bugs : 633630 623222\n\nIt was discovered that libvirt, a library for interfacing with different\nvirtualization systems, is prone to an integer overflow (CVE-2011-2511).\nAdditionally, the stable version is prone to a denial of service,\nbecause its error reporting is not thread-safe (CVE-2011-1486).\n\nFor the stable distribution (squeeze), these problems have been fixed in\nversion 0.8.3-5+squeeze2.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\nversion 0.4.6-10+lenny2.\n\nFor the testing distribution (wheezy), these problems will fixed soon.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 0.9.2-7). \n \n \nWe recommend that you upgrade your libvirt packages. \n \nFurther information about Debian Security Advisories, how to apply \nthese updates to your system and frequently asked questions can be \nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n\n", "edition": 3, "modified": "2011-07-19T09:45:09", "published": "2011-07-19T09:45:09", "id": "DEBIAN:DSA-2280-1:ECE34", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00154.html", "title": "[SECURITY] [DSA 2280-1] libvirt security update", "type": "debian", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-11-11T13:24:38", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2194-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nMarch 18, 2011 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libvirt\nVulnerability : insufficient checks\nProblem type : local\nDebian-specific: no\nCVE ID : CVE-2011-1146\nDebian Bug : 617773\n\nIt was discovered that libvirt, a library for interfacing with different\nvirtualization systems, did not properly check for read-only connections.\nThis allowed a local attacker to perform a denial of service (crash) or\npossibly escalate privileges.\n\nThe oldstable distribution (lenny) is not affected by this problem.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.8.3-5+squeeze1.\n\nFor the testing distribution (wheezy), this problem will be fixed soon.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 0.8.8-3.\n\nWe recommend that you upgrade your libvirt packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 3, "modified": "2011-03-18T07:48:13", "published": "2011-03-18T07:48:13", "id": "DEBIAN:DSA-2194-1:BEA3B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2011/msg00061.html", "title": "[SECURITY] [DSA 2194-1] libvirt security update", "type": "debian", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:41", "bulletinFamily": "software", "cvelist": ["CVE-2011-1486", "CVE-2011-2511"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2280-1 security@debian.org\r\nhttp://www.debian.org/security/ Steffen Joeris\r\nJuly 19, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : libvirt\r\nVulnerability : several\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE IDs : CVE-2011-2511 CVE-2011-1486\r\nDebian Bugs : 633630 623222\r\n\r\nIt was discovered that libvirt, a library for interfacing with different\r\nvirtualization systems, is prone to an integer overflow (CVE-2011-2511).\r\nAdditionally, the stable version is prone to a denial of service,\r\nbecause its error reporting is not thread-safe (CVE-2011-1486).\r\n\r\nFor the stable distribution (squeeze), these problems have been fixed in\r\nversion 0.8.3-5+squeeze2.\r\n\r\nFor the oldstable distribution (lenny), this problem has been fixed in\r\nversion 0.4.6-10+lenny2.\r\n\r\nFor the testing distribution (wheezy), these problems will fixed soon.\r\n\r\nFor the unstable distribution (sid), these problems have been fixed in\r\nversion 0.9.2-7). \r\n \r\n \r\nWe recommend that you upgrade your libvirt packages. \r\n \r\nFurther information about Debian Security Advisories, how to apply \r\nthese updates to your system and frequently asked questions can be \r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.11 (GNU/Linux)\r\n\r\niEYEARECAAYFAk4k3LkACgkQ62zWxYk/rQe4PACgn2A0l43mGtxkVmTpbJiWJ4sO\r\nLZwAniQr0BWwmjQ5QzorFbWdEvMUT7Ao\r\n=AnRs\r\n-----END PGP SIGNATURE-----\r\n\r\n\r\n\r\n", "edition": 1, "modified": "2011-07-22T00:00:00", "published": "2011-07-22T00:00:00", "id": "SECURITYVULNS:DOC:26676", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26676", "title": "[SECURITY] [DSA 2280-1] libvirt security update", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:42", "bulletinFamily": "software", "cvelist": ["CVE-2011-1486", "CVE-2011-2178"], "description": "DoS, off-by-one.", "edition": 1, "modified": "2011-06-19T00:00:00", "published": "2011-06-19T00:00:00", "id": "SECURITYVULNS:VULN:11743", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11743", "title": "libvirt security vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:10:41", "bulletinFamily": "software", "cvelist": ["CVE-2011-1486", "CVE-2010-2238", "CVE-2011-2178"], "description": "==========================================================================\r\nUbuntu Security Notice USN-1152-1\r\nJune 16, 2011\r\n\r\nlibvirt vulnerabilities\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 11.04\r\n- Ubuntu 10.10\r\n- Ubuntu 10.04 LTS\r\n\r\nSummary:\r\n\r\nLibvirt could be made to crash or read arbitrary files on the host.\r\n\r\nSoftware Description:\r\n- libvirt: Libvirt virtualization toolkit\r\n\r\nDetails:\r\n\r\nIt was discovered that libvirt did not use thread-safe error reporting. A\r\nremote attacker could exploit this to cause a denial of service via\r\napplication crash. (CVE-2011-1486)\r\n\r\nEric Blake discovered that libvirt had an off-by-one error which could\r\nbe used to reopen disk probing and bypass the fix for CVE-2010-2238. A\r\nprivileged attacker in the guest could exploit this to read arbitrary files\r\non the host. This issue only affected Ubuntu 11.04. By default, guests are\r\nconfined by an AppArmor profile which provided partial protection against\r\nthis flaw. (CVE-2011-2178)\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 11.04:\r\n libvirt-bin 0.8.8-1ubuntu6.2\r\n libvirt0 0.8.8-1ubuntu6.2\r\n\r\nUbuntu 10.10:\r\n libvirt-bin 0.8.3-1ubuntu18\r\n libvirt0 0.8.3-1ubuntu18\r\n\r\nUbuntu 10.04 LTS:\r\n libvirt-bin 0.7.5-5ubuntu27.13\r\n libvirt0 0.7.5-5ubuntu27.13\r\n\r\nIn general, a standard system update will make all the necessary changes.\r\n\r\nReferences:\r\n CVE-2011-1486, CVE-2011-2178\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/libvirt/0.8.8-1ubuntu6.2\r\n https://launchpad.net/ubuntu/+source/libvirt/0.8.3-1ubuntu18\r\n https://launchpad.net/ubuntu/+source/libvirt/0.7.5-5ubuntu27.13\r\n\r\n", "edition": 1, "modified": "2011-06-19T00:00:00", "published": "2011-06-19T00:00:00", "id": "SECURITYVULNS:DOC:26570", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:26570", "title": "[USN-1152-1] libvirt vulnerabilities", "type": "securityvulns", "cvss": {"score": 4.4, "vector": "AV:LOCAL/AC:MEDIUM/Au:SINGLE_INSTANCE/C:COMPLETE/I:NONE/A:NONE/"}}, {"lastseen": "2018-08-31T11:09:43", "bulletinFamily": "software", "cvelist": ["CVE-2011-2511"], "description": "No description provided", "edition": 1, "modified": "2011-07-22T00:00:00", "published": "2011-07-22T00:00:00", "id": "SECURITYVULNS:VULN:11800", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11800", "title": "libvirt integer overflow", "type": "securityvulns", "cvss": {"score": 4.0, "vector": "AV:NETWORK/AC:LOW/Au:SINGLE_INSTANCE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:39", "bulletinFamily": "software", "cvelist": ["CVE-2011-1146"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2194-1 security@debian.org\r\nhttp://www.debian.org/security/ Thijs Kinkhorst\r\nMarch 18, 2011 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : libvirt\r\nVulnerability : insufficient checks\r\nProblem type : local\r\nDebian-specific: no\r\nCVE ID : CVE-2011-1146\r\nDebian Bug : 617773\r\n\r\nIt was discovered that libvirt, a library for interfacing with different\r\nvirtualization systems, did not properly check for read-only connections.\r\nThis allowed a local attacker to perform a denial of service (crash) or\r\npossibly escalate privileges.\r\n\r\nThe oldstable distribution (lenny) is not affected by this problem.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 0.8.3-5+squeeze1.\r\n\r\nFor the testing distribution (wheezy), this problem will be fixed soon.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 0.8.8-3.\r\n\r\nWe recommend that you upgrade your libvirt packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.4.10 (GNU/Linux)\r\n\r\niQEcBAEBAgAGBQJNgw2+AAoJEOxfUAG2iX57AyEIAIKiPeyIGmkNf9ghME6ZylBl\r\nsOnwF/Y4BfDbOQjlEzT/TXYOXoNSzBqrwUZyuk0N5gkuAWdwqSZv8NW+dMFtJtqx\r\nGTdxdQAnahwsKoFKjTGd+C+u1lew1SnjuaTD8fAPyONTXimdasz0JGkJCflnkYe1\r\nLQ4zUFxmDphgdLB+dl2IJedG8j4NAAxHz407oY8wEkie4VwWo1O/YZlOyo5ZBkDl\r\nBKync5ecQx5TDEI8q+6BWmucUiapn9Dt1JLVzDjFy2WT6SjGbqGeJ/69tOALk6Sz\r\niFyhL0UoxdoQ90fWV1FHGAgG+yypklRqZIQq3e3lUGxU3eQRHDil37zpJokAvl4=\r\n=0RVC\r\n-----END PGP SIGNATURE-----", "edition": 1, "modified": "2011-03-23T00:00:00", "published": "2011-03-23T00:00:00", "id": "SECURITYVULNS:DOC:25984", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:25984", "title": "[SECURITY] [DSA 2194-1] libvirt security update", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:41", "bulletinFamily": "software", "cvelist": ["CVE-2011-1146"], "description": "No description provided", "edition": 1, "modified": "2011-03-23T00:00:00", "published": "2011-03-23T00:00:00", "id": "SECURITYVULNS:VULN:11525", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11525", "title": "libvirt protection bypass", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "ubuntu": [{"lastseen": "2020-07-09T00:20:19", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1486", "CVE-2010-2238", "CVE-2011-2178"], "description": "It was discovered that libvirt did not use thread-safe error reporting. A \nremote attacker could exploit this to cause a denial of service via \napplication crash. (CVE-2011-1486)\n\nEric Blake discovered that libvirt had an off-by-one error which could \nbe used to reopen disk probing and bypass the fix for CVE-2010-2238. A \nprivileged attacker in the guest could exploit this to read arbitrary files \non the host. This issue only affected Ubuntu 11.04. By default, guests are \nconfined by an AppArmor profile which provided partial protection against \nthis flaw. (CVE-2011-2178)", "edition": 5, "modified": "2011-06-16T00:00:00", "published": "2011-06-16T00:00:00", "id": "USN-1152-1", "href": "https://ubuntu.com/security/notices/USN-1152-1", "title": "libvirt vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.4, "vector": "AV:L/AC:M/Au:S/C:C/I:N/A:N"}}, {"lastseen": "2020-07-09T00:25:18", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2511"], "description": "Eric Blake discovered an integer overflow flaw in libvirt. A remote \nauthenticated attacker could exploit this by sending a crafted VCPU RPC \ncall and cause a denial of service via application crash.", "edition": 5, "modified": "2011-07-28T00:00:00", "published": "2011-07-28T00:00:00", "id": "USN-1180-1", "href": "https://ubuntu.com/security/notices/USN-1180-1", "title": "libvirt vulnerability", "type": "ubuntu", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-07-09T00:26:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146"], "description": "Petr Matousek discovered that libvirt did not always honor read-only \nconnections. An attacker who is authorized to connect to the libvirt daemon \ncould exploit this to cause a denial of service via application crash.", "edition": 5, "modified": "2011-03-29T00:00:00", "published": "2011-03-29T00:00:00", "id": "USN-1094-1", "href": "https://ubuntu.com/security/notices/USN-1094-1", "title": "Libvirt vulnerability", "type": "ubuntu", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2020-10-30T13:23:10", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2511"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1019\n\n\nThe libvirt library is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems.\n\nAn integer overflow flaw was found in libvirtd's RPC call handling. An\nattacker able to establish read-only connections to libvirtd could trigger\nthis flaw by calling virDomainGetVcpus() with specially-crafted parameters,\ncausing libvirtd to crash. (CVE-2011-2511)\n\nThis update fixes the following bugs:\n\n* libvirt was rebased from version 0.6.3 to version 0.8.2 in Red Hat\nEnterprise Linux 5.6. A code audit found a minor API change that effected\nerror messages seen by libvirt 0.8.2 clients talking to libvirt 0.7.1 -\n0.7.7 (0.7.x) servers. A libvirt 0.7.x server could send\nVIR_ERR_BUILD_FIREWALL errors where a libvirt 0.8.2 client expected\nVIR_ERR_CONFIG_UNSUPPORTED errors. In other circumstances, a libvirt 0.8.2\nclient saw a \"Timed out during operation\" message where it should see an\n\"Invalid network filter\" error. This update adds a backported patch that\nallows libvirt 0.8.2 clients to interoperate with the API as used by\nlibvirt 0.7.x servers, ensuring correct error messages are sent.\n(BZ#665075)\n\n* libvirt could crash if the maximum number of open file descriptors\n(_SC_OPEN_MAX) grew larger than the FD_SETSIZE value because it accessed\nfile descriptors outside the bounds of the set. With this update the\nmaximum number of open file descriptors can no longer grow larger than the\nFD_SETSIZE value. (BZ#665549)\n\n* A libvirt race condition was found. An array in the libvirt event\nhandlers was accessed with a lock temporarily released. In rare cases, if\none thread attempted to access this array but a second thread reallocated\nthe array before the first thread reacquired a lock, it could lead to the\nfirst thread attempting to access freed memory, potentially causing libvirt\nto crash. With this update libvirt no longer refers to the old array and,\nconsequently, behaves as expected. (BZ#671569)\n\n* Guests connected to a passthrough NIC would kernel panic if a\nsystem_reset signal was sent through the QEMU monitor. With this update you\ncan reset such guests as expected. (BZ#689880)\n\n* When using the Xen kernel, the rpmbuild command failed on the xencapstest\ntest. With this update you can run rpmbuild successfully when using the Xen\nkernel. (BZ#690459)\n\n* When a disk was hot unplugged, \"ret >= 0\" was passed to the qemuAuditDisk\ncalls in disk hotunplug operations before ret was, in fact, set to 0. As\nwell, the error path jumped to the \"cleanup\" label prematurely. As a\nconsequence, hotunplug failures were not audited and hotunplug successes\nwere audited as failures. This was corrected and hot unplugging checks now\nbehave as expected. (BZ#710151)\n\n* A conflict existed between filter update locking sequences and virtual\nmachine startup locking sequences. When a filter update occurred on one or\nmore virtual machines, a deadlock could consequently occur if a virtual\nmachine referencing a filter was started. This update changes and makes\nmore flexible several qemu locking sequences ensuring this deadlock no\nlonger occurs. (BZ#697749)\n\n* qemudDomainSaveImageStartVM closed some incoming file descriptor (fd)\narguments without informing the caller. The consequent double-closes could\ncause Domain restoration failure. This update alters the\nqemudDomainSaveImageStartVM signature to prevent the double-closes.\n(BZ#681623)\n\nThis update also adds the following enhancements:\n\n* The libvirt Xen driver now supports more than one serial port.\n(BZ#670789)\n\n* Enabling and disabling the High Precision Event Timer (HPET) in Xen\ndomains is now possible. (BZ#703193)\n\nAll libvirt users should install this update which addresses this\nvulnerability, fixes these bugs and adds these enhancements. After\ninstalling the updated packages, libvirtd must be restarted (\"service\nlibvirtd restart\") for this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/029918.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-September/029919.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2011-September/006278.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2011-September/006279.html\n\n**Affected packages:**\nlibvirt\nlibvirt-devel\nlibvirt-python\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1019.html", "edition": 89, "modified": "2011-09-22T10:00:54", "published": "2011-09-01T16:11:34", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2011-September/006278.html", "id": "CESA-2011:1019", "title": "libvirt security update", "type": "centos", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2020-07-17T03:29:06", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146"], "description": "**CentOS Errata and Security Advisory** CESA-2011:0391\n\n\nThe libvirt library is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems. In\naddition, libvirt provides tools for remotely managing virtualized systems.\n\nIt was found that several libvirt API calls did not honor the read-only\npermission for connections. A local attacker able to establish a read-only\nconnection to libvirtd on a server could use this flaw to execute commands\nthat should be restricted to read-write connections, possibly leading to a\ndenial of service or privilege escalation. (CVE-2011-1146)\n\nNote: Previously, using rpmbuild without the '--define \"rhel 5\"' option to\nbuild the libvirt source RPM on Red Hat Enterprise Linux 5 failed with a\n\"Failed build dependencies\" error for the device-mapper-devel package, as\nthis -devel sub-package is not available on Red Hat Enterprise Linux 5.\nWith this update, the -devel sub-package is no longer checked by default as\na dependency when building on Red Hat Enterprise Linux 5, allowing the\nlibvirt source RPM to build as expected.\n\nAll libvirt users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdated packages, libvirtd must be restarted (\"service libvirtd restart\")\nfor this update to take effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/029494.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-April/029495.html\n\n**Affected packages:**\nlibvirt\nlibvirt-devel\nlibvirt-python\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-0391.html", "edition": 5, "modified": "2011-04-28T14:15:01", "published": "2011-04-28T14:15:01", "href": "http://lists.centos.org/pipermail/centos-announce/2011-April/029494.html", "id": "CESA-2011:0391", "title": "libvirt security update", "type": "centos", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:44:33", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2511"], "description": "The libvirt library is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems.\n\nAn integer overflow flaw was found in libvirtd's RPC call handling. An\nattacker able to establish read-only connections to libvirtd could trigger\nthis flaw by calling virDomainGetVcpus() with specially-crafted parameters,\ncausing libvirtd to crash. (CVE-2011-2511)\n\nThis update fixes the following bugs:\n\n* libvirt was rebased from version 0.6.3 to version 0.8.2 in Red Hat\nEnterprise Linux 5.6. A code audit found a minor API change that effected\nerror messages seen by libvirt 0.8.2 clients talking to libvirt 0.7.1 -\n0.7.7 (0.7.x) servers. A libvirt 0.7.x server could send\nVIR_ERR_BUILD_FIREWALL errors where a libvirt 0.8.2 client expected\nVIR_ERR_CONFIG_UNSUPPORTED errors. In other circumstances, a libvirt 0.8.2\nclient saw a \"Timed out during operation\" message where it should see an\n\"Invalid network filter\" error. This update adds a backported patch that\nallows libvirt 0.8.2 clients to interoperate with the API as used by\nlibvirt 0.7.x servers, ensuring correct error messages are sent.\n(BZ#665075)\n\n* libvirt could crash if the maximum number of open file descriptors\n(_SC_OPEN_MAX) grew larger than the FD_SETSIZE value because it accessed\nfile descriptors outside the bounds of the set. With this update the\nmaximum number of open file descriptors can no longer grow larger than the\nFD_SETSIZE value. (BZ#665549)\n\n* A libvirt race condition was found. An array in the libvirt event\nhandlers was accessed with a lock temporarily released. In rare cases, if\none thread attempted to access this array but a second thread reallocated\nthe array before the first thread reacquired a lock, it could lead to the\nfirst thread attempting to access freed memory, potentially causing libvirt\nto crash. With this update libvirt no longer refers to the old array and,\nconsequently, behaves as expected. (BZ#671569)\n\n* Guests connected to a passthrough NIC would kernel panic if a\nsystem_reset signal was sent through the QEMU monitor. With this update you\ncan reset such guests as expected. (BZ#689880)\n\n* When using the Xen kernel, the rpmbuild command failed on the xencapstest\ntest. With this update you can run rpmbuild successfully when using the Xen\nkernel. (BZ#690459)\n\n* When a disk was hot unplugged, \"ret >= 0\" was passed to the qemuAuditDisk\ncalls in disk hotunplug operations before ret was, in fact, set to 0. As\nwell, the error path jumped to the \"cleanup\" label prematurely. As a\nconsequence, hotunplug failures were not audited and hotunplug successes\nwere audited as failures. This was corrected and hot unplugging checks now\nbehave as expected. (BZ#710151)\n\n* A conflict existed between filter update locking sequences and virtual\nmachine startup locking sequences. When a filter update occurred on one or\nmore virtual machines, a deadlock could consequently occur if a virtual\nmachine referencing a filter was started. This update changes and makes\nmore flexible several qemu locking sequences ensuring this deadlock no\nlonger occurs. (BZ#697749)\n\n* qemudDomainSaveImageStartVM closed some incoming file descriptor (fd)\narguments without informing the caller. The consequent double-closes could\ncause Domain restoration failure. This update alters the\nqemudDomainSaveImageStartVM signature to prevent the double-closes.\n(BZ#681623)\n\nThis update also adds the following enhancements:\n\n* The libvirt Xen driver now supports more than one serial port.\n(BZ#670789)\n\n* Enabling and disabling the High Precision Event Timer (HPET) in Xen\ndomains is now possible. (BZ#703193)\n\nAll libvirt users should install this update which addresses this\nvulnerability, fixes these bugs and adds these enhancements. After\ninstalling the updated packages, libvirtd must be restarted (\"service\nlibvirtd restart\") for this update to take effect.\n", "modified": "2017-09-08T12:03:32", "published": "2011-07-21T04:00:00", "id": "RHSA-2011:1019", "href": "https://access.redhat.com/errata/RHSA-2011:1019", "type": "redhat", "title": "(RHSA-2011:1019) Moderate: libvirt security, bug fix, and enhancement update", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:44:55", "bulletinFamily": "unix", "cvelist": ["CVE-2011-2511"], "description": "The libvirt library is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems. In\naddition, libvirt provides tools for remotely managing virtualized systems.\n\nAn integer overflow flaw was found in libvirtd's RPC call handling. An\nattacker able to establish read-only connections to libvirtd could trigger\nthis flaw by calling virDomainGetVcpus() with specially-crafted parameters,\ncausing libvirtd to crash. (CVE-2011-2511)\n\nThis update also fixes the following bugs:\n\n* Previously, when the \"virsh vol-create-from\" command was run on an LVM\n(Logical Volume Manager) storage pool, performance of the command was very\nlow and the operation consumed an excessive amount of time. This bug has\nbeen fixed in the virStorageVolCreateXMLFrom() function, and the\nperformance problem of the command no longer occurs.\n\n* Due to a regression, libvirt used undocumented command line options,\ninstead of the recommended ones. Consequently, the qemu-img utility used an\ninvalid argument while creating an encrypted volume, and the process\neventually failed. With this update, the bug in the backing format of the\nstorage back end has been fixed, and encrypted volumes can now be created\nas expected. (BZ#726617)\n\n* Due to a bug in the qemuAuditDisk() function, hot unplug failures were\nnever audited, and a hot unplug success was audited as a failure. This bug\nhas been fixed, and auditing of disk hot unplug operations now works as\nexpected. (BZ#728516)\n\n* Previously, when a debug process was being activated, the act of\npreparing a debug message ended up with dereferencing a UUID (universally\nunique identifier) prior to the NULL argument check. Consequently, an API\nrunning the debug process sometimes terminated with a segmentation fault.\nWith this update, a patch has been provided to address this issue, and the\ncrashes no longer occur in the described scenario. (BZ#728546)\n\n* The libvirt library uses the \"boot=on\" option to mark which disk is\nbootable but it only uses that option if Qemu advertises its support. The\nqemu-kvm utility in Red Hat Enterprise Linux 6.1 removed support for that\noption and libvirt could not use it. As a consequence, when an IDE disk was\nadded as the second storage with a virtio disk being set up as the first\none by default, the operating system tried to boot from the IDE disk rather\nthan the virtio disk and either failed to boot with the \"No bootable disk\"\nerror message returned, or the system booted whatever operating system was\non the IDE disk. With this update, the boot configuration is translated\ninto bootindex, which provides control over which device is used for\nbooting a guest operating system, thus fixing this bug.\n\nAll users of libvirt are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. After installing\nthe updated packages, libvirtd must be restarted (\"service libvirtd\nrestart\") for this update to take effect.\n", "modified": "2018-06-06T20:24:25", "published": "2011-08-23T04:00:00", "id": "RHSA-2011:1197", "href": "https://access.redhat.com/errata/RHSA-2011:1197", "type": "redhat", "title": "(RHSA-2011:1197) Moderate: libvirt security and bug fix update", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-08-13T18:46:50", "bulletinFamily": "unix", "cvelist": ["CVE-2011-1146"], "description": "The libvirt library is a C API for managing and interacting with the\nvirtualization capabilities of Linux and other operating systems. In\naddition, libvirt provides tools for remotely managing virtualized systems.\n\nIt was found that several libvirt API calls did not honor the read-only\npermission for connections. A local attacker able to establish a read-only\nconnection to libvirtd on a server could use this flaw to execute commands\nthat should be restricted to read-write connections, possibly leading to a\ndenial of service or privilege escalation. (CVE-2011-1146)\n\nNote: Previously, using rpmbuild without the '--define \"rhel 5\"' option to\nbuild the libvirt source RPM on Red Hat Enterprise Linux 5 failed with a\n\"Failed build dependencies\" error for the device-mapper-devel package, as\nthis -devel sub-package is not available on Red Hat Enterprise Linux 5.\nWith this update, the -devel sub-package is no longer checked by default as\na dependency when building on Red Hat Enterprise Linux 5, allowing the\nlibvirt source RPM to build as expected.\n\nAll libvirt users are advised to upgrade to these updated packages, which\ncontain a backported patch to resolve this issue. After installing the\nupdated packages, libvirtd must be restarted (\"service libvirtd restart\")\nfor this update to take effect.\n", "modified": "2018-06-06T20:24:11", "published": "2011-03-28T04:00:00", "id": "RHSA-2011:0391", "href": "https://access.redhat.com/errata/RHSA-2011:0391", "type": "redhat", "title": "(RHSA-2011:0391) Important: libvirt security update", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}]}
