MiracleLinux 4 : libvirt-0.8.1-27.5.0.1.AXS4 (AXSA:2011-132:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-132:01 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd...

MiracleLinux 3 : libvirt-0.8.2-15.3.0.1.AXS3 (AXSA:2011-130:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-130:02 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd...

Oracle: Security Advisory (ELSA-2011-0391)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libvirt (openSUSE-SU-2011:0311-1)

several API calls did not honor the read-only flag connections. Attackers could exploit that to modify the state of the system or potentially execute code CVE-2011-1146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

openSUSE Security Update : libvirt (openSUSE-SU-2011:0311-1)

several API calls did not honor the read-only flag connections. Attackers could exploit that to modify the state of the system or potentially execute code CVE-2011-1146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

Scientific Linux Security Update : libvirt on SL5.x i386/x86_64

It was found that several libvirt API calls did not honor the read-only permission for connections. A local attacker able to establish a read-only connection to libvirtd on a server could use this flaw to execute commands that should be restricted to read-write connections, possibly leading to a...

CentOS Update for libvirt CESA-2011:0391 centos5 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

RedHat Update for libvirt RHSA-2011:0391-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for libvirt FEDORA-2011-9062

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for libvirt FEDORA-2011-9062

Check for the Version of libvirt OpenVAS Vulnerability Test Fedora Update for libvirt FEDORA-2011-9062 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

openSUSE Security Update : libvirt (openSUSE-SU-2011:0311-1)

several API calls did not honor the read-only flag connections. Attackers could exploit that to modify the state of the system or potentially execute code CVE-2011-1146. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...

CentOS 5 : libvirt (CESA-2011:0391)

Updated libvirt packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating,...

Fedora Update for libvirt FEDORA-2011-4870

Check for the Version of libvirt OpenVAS Vulnerability Test Fedora Update for libvirt FEDORA-2011-4870 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Fedora Update for libvirt FEDORA-2011-4870

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Security fix for the ALT Linux 8 package libvirt version 0.9.0-alt1

April 6, 2011 Alexey Shabalin 0.9.0-alt1 - 0.9.0 - fixed CVE-2011-1146...

Ubuntu 9.10 / 10.04 LTS / 10.10 : libvirt vulnerability (USN-1094-1)

Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash. Note that Tenable Network Security has extracted the preceding description block...

RHEL 5 / 6 : libvirt (RHSA-2011:0391)

The remote Redhat Enterprise Linux 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:0391 advisory. - libvirt: several API calls do not honour read-only connection CVE-2011-1146 Note that Nessus has not tested for this issue but has instead reli...

libvirt security update

0.8.1-27.0.1.el60.5 - Replace docs/et.png in tarball with blank image 0.8.1-27.el60.5 - Properly report error in virConnectDomainXMLToNative CVE-2011-1146 0.8.1-27.el60.4 - Add missing checks for read-only connections CVE-2011-1146 0.8.1-27.el60.3 - Remove patches not suitable for proper Z-stream...

[SECURITY] [DSA 2194-1] libvirt security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2194-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst March 18, 2011 http://www.debian.org/security/faq -...

CVE-2011-1146

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...