16 matches found
Oracle: Security Advisory (ELSA-2009-0382)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 5 : libvirt (ELSA-2009-0382)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-0382 advisory. - Add missing readonly checks for APIs CVE-2008-5086 Tenable has extracted the preceding description block directly from the Oracle Linux security...
RHEL 5 : libvirt (RHSA-2009:0382)
The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:0382 advisory. - libvirt: missing checks for read-only connection CVE-2008-5086 - libvirt: libvirtproxy buffer overflow CVE-2009-0036 Note that Nessus has...
Scientific Linux Security Update : libvirt on SL5.x i386/x86_64
The libvirtd daemon was discovered to not properly check user connection permissions before performing certain privileged actions, such as requesting migration of an unprivileged guest domain to another system. A local user able to establish a read-only connection to libvirtd could use this flaw ...
Code injection
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service host OS crash or possibly execute arbitrary code via a 1 virNodeDeviceDettach, 2 virNodeDeviceReset, 3 virDomainRevertToSnapsho...
SLES10: Security update for libvirt
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: libvirt libvirt-devel libvirt-python More details may also be found by searching for the SuSE Enterprise Server 10 patch database linked in the references...
SuSE 10 Security Update : libvirt (ZYPP Patch Number 5869)
libvirt misses some read-only connection checks for certain methods. This flaw enables local unprivileged users for example to migrate virtual machines without authentication. CVE-2008-5086 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc...
openSUSE Security Update : libvirt (libvirt-373)
libvirt misses some read-only connection checks for certain methods. This flaw enables local unprivileged users for example to migrate virtual machines without authentication CVE-2008-5086. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Fedora 10 : libvirt-0.5.1-2.fc10 (2008-11443)
fix missing read-only access checks, fixes CVE-2008-5086 - upstream release 0.5.1 - mostly bugfixes e.g 473071 - some driver improvements Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
RedHat Security Advisory RHSA-2009:0382
The remote host is missing updates announced in advisory RHSA-2009:0382. libvirt is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. libvirt also provides tools for remotely managing virtualized systems. The libvirtd daemon was...
Moderate: Red Hat Security Advisory: libvirt security update
Updated libvirt packages that fix two security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Updated 5th May 2011 After installing this update and restarting the libvirtd service, the...
Fedora Update for libvirt FEDORA-2008-11433
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
openSUSE 10 Security Update : libvirt (libvirt-5874)
libvirt misses some read-only connection checks for certain methods. This flaw enables local unprivileged users for example to migrate virtual machines without authentication CVE-2008-5086. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Fedora 9 : libvirt-0.5.1-2.fc9 (2008-11433)
fix missing read-only access checks, fixes CVE-2008-5086 - upstream release 0.5.1 - mostly bugfixes e.g 473071 - some driver improvements Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2008-5086
Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions...
CVE-2008-5086
CVE-2008-5086 affects libvirt 0.3.2–0.5.1. The issue arises because several methods do not verify whether a connection is read-only, allowing a local attacker to bypass intended access restrictions and execute administrative actions. The MiracleLinux/Nessus entries link this CVE to libvirt in old...