6.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:S/C:C/I:C/A:C
The latest maintenance release of the VirtualBox (OSE) 3.2.x series
(i.e., version 3.2.28) has been uploaded to Debian LTS (squeeze). Thanks
to Gianfranco Costamagna for preparing packages for review and upload by
the Debian LTS Team.
Unfortunately, Oracle no longer provides information on specific security
vulnerabilities in VirtualBox, thus we provide their latest 3.2.28
maintenance release in Debian LTS (squeeze) directly.
The fix for CVE-2013-3792 prevents a virtio-net host DoS
vulnerability by adding large frame support to IntNet, VirtioNet and
NetFilter plus dropping oversized frames.
No further details have been provided, the attack range has been
given as local, severity low.
No further details can been provided, the attack range has been
given as local, severity low.
No further details can been provided, the attack range has been
given as local, severity medium.
This update fixes an issue related to guests using bridged networking
via WiFi.