Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-2170

Malware in sbrugna...

4.4CVSS8.5AI score0.00283EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.20 views

openSUSE Security Update : libvirt (openSUSE-SU-2010:0625-1)

libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...

4.4CVSS7.2AI score0.00423EPSS
Exploits0References7
Prion
Prion
added 2011/08/10 8:55 p.m.25 views

Design/Logic Flaw

The virSecurityManagerGetPrivateData function in security/securitymanager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary...

4.4CVSS6.5AI score0.00317EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2011/08/10 8:0 p.m.35 views

CVE-2011-2178

The virSecurityManagerGetPrivateData function in security/securitymanager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary...

4.4CVSS8.5AI score0.00283EPSS
Exploits0
OpenVAS
OpenVAS
added 2011/06/20 12:0 a.m.30 views

Ubuntu: Security Advisory (USN-1152-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS7.4AI score0.01199EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/11/16 12:0 a.m.21 views

Ubuntu Update for libvirt regression USN-1008-4

Ubuntu Update for Linux kernel vulnerabilities USN-1008-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN10084.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libvirt regression USN-1008-4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

4.4CVSS0.5AI score0.00423EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/11/16 12:0 a.m.25 views

Ubuntu: Security Advisory (USN-1008-4)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.4AI score0.00423EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/11/09 12:0 a.m.30 views

Ubuntu 10.04 LTS : libvirt regression (USN-1008-4)

USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify 'hostdevice' as the qemu sub-type. While libvirt 0.8.3 and later will longer support specifying this sub-type, this update restores the old...

4.4CVSS7.3AI score0.00423EPSS
Exploits0References5
Ubuntu
Ubuntu
added 2010/11/08 9:19 p.m.89 views

USN-1008-4: libvirt regression

USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify 'hostdevice' as the qemu sub-type. While libvirt 0.8.3 and later will longer support specifying this sub-type, this update restores the old...

7.2AI score
Exploits0References1
securityvulns
securityvulns
added 2010/10/28 12:0 a.m.66 views

[USN-1008-1] libvirt vulnerabilities

=========================================================== Ubuntu Security Notice USN-1008-1 October 21, 2010 libvirt vulnerabilities CVE-2010-2237, CVE-2010-2238, CVE-2010-2239, CVE-2010-2242 =========================================================== A security issue affects the following Ubun...

4.4CVSS0.3AI score0.00423EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/10/24 12:0 a.m.26 views

Ubuntu 10.04 LTS : libvirt update (USN-1008-3)

USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04 LTS reverted a recent bug fix update. This update fixes the problem. We apologize for the inconvenience. It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A...

4.4CVSS7.3AI score0.00423EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/10/22 12:0 a.m.27 views

Ubuntu 10.04 LTS : virtinst update (USN-1008-2)

Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to 'raw' when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not...

4.4CVSS7.3AI score0.00423EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2010/10/22 12:0 a.m.27 views

Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libvirt vulnerabilities (USN-1008-1)

It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor...

4.4CVSS7.3AI score0.00423EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2010/10/22 12:0 a.m.29 views

Ubuntu: Security Advisory (USN-1008-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.4CVSS6.4AI score0.00423EPSS
Exploits0References3
Ubuntu
Ubuntu
added 2010/10/21 10:27 p.m.58 views

USN-1008-2: Virtinst update

Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to 'raw' when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not...

7.2AI score
Exploits0References1
Ubuntu
Ubuntu
added 2010/10/21 10:20 p.m.58 views

USN-1008-1: libvirt vulnerabilities

It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor...

4.4CVSS7.2AI score0.00423EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/09/17 12:0 a.m.30 views

openSUSE Security Update : libvirt (openSUSE-SU-2010:0620-1)

libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...

4.4CVSS7.2AI score0.00423EPSS
Exploits0References6
CVE
CVE
added 2010/08/19 5:43 p.m.74 views

CVE-2010-2238

The CVE-2010-2238 entry affects Red Hat libvirt (likely 0.7.2 through 0.8.2). The issue arises because libvirt recurses into disk-image backing stores without extracting the defined disk backing-store format, which may allow a guest OS user to read arbitrary host files and potentially other impac...

4.4CVSS6.7AI score0.00317EPSS
Exploits0References9Affected Software1
OpenVAS
OpenVAS
added 2010/07/30 12:0 a.m.27 views

Fedora Update for libvirt FEDORA-2010-11021

Check for the Version of libvirt OpenVAS Vulnerability Test Fedora Update for libvirt FEDORA-2010-11021 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

4.4CVSS6.5AI score0.00423EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2010/07/30 12:0 a.m.29 views

Fedora Update for libvirt FEDORA-2010-10960

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

4.4CVSS6.4AI score0.00423EPSS
Exploits0References2
Rows per page
Query Builder