25 matches found
Oracle: Security Advisory (ELSA-2010-0615)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : libvirt (openSUSE-SU-2010:0625-1)
libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...
Oracle Linux 5 : libvirt (ELSA-2010-0615)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0615 advisory. - Explicitly set qcow2 backing store format CVE-2010-2239 - Remap privileged source ports from guests behind NAT CVE-2010-2242 Tenable has extracted th...
CentOS Update for libvirt CESA-2010:0615 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
SuSE 11 Security Update : libvirt (SAT Patch Number 2787)
Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host. CVE-2010-2242 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is...
Ubuntu: Security Advisory (USN-1008-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for libvirt regression USN-1008-4
Ubuntu Update for Linux kernel vulnerabilities USN-1008-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN10084.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libvirt regression USN-1008-4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu 10.04 LTS : libvirt regression (USN-1008-4)
USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify 'hostdevice' as the qemu sub-type. While libvirt 0.8.3 and later will longer support specifying this sub-type, this update restores the old...
[USN-1008-1] libvirt vulnerabilities
=========================================================== Ubuntu Security Notice USN-1008-1 October 21, 2010 libvirt vulnerabilities CVE-2010-2237, CVE-2010-2238, CVE-2010-2239, CVE-2010-2242 =========================================================== A security issue affects the following Ubun...
Ubuntu 10.04 LTS : virtinst update (USN-1008-2)
Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to 'raw' when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not...
Ubuntu: Security Advisory (USN-1008-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libvirt vulnerabilities (USN-1008-1)
It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor...
USN-1008-2: Virtinst update
Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to 'raw' when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not...
SuSE 10 Security Update : libvirt (ZYPP Patch Number 7150)
Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host. CVE-2010-2242 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
openSUSE Security Update : libvirt (openSUSE-SU-2010:0621-1)
Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libvirt-2783. The text...
openSUSE Security Update : libvirt (openSUSE-SU-2010:0620-1)
libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...
CVE-2010-2242
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...
CVE-2010-2242
CVE-2010-2242 relates to Red Hat/libvirt 0.2.0–0.8.2, where libvirt creates iptables rules with improper mappings of privileged source ports. This could allow a guest OS user to bypass host access restrictions by manipulating IP address and source-port values, as demonstrated by an NFS operation....
CVE-2010-2242
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...
CentOS 5 : libvirt (CESA-2010:0615)
Updated libvirt packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings...