23 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-0236
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIRDOMAINXMLSECURE flag with a crafted 1 snapshot to the...
Mageia: Security Advisory (MGASA-2015-0046)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:0304-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2016:0304-1)
libvirt was updated to fix one security issue and several non-security issues. This security issue was fixed : - CVE-2015-0236: libvirt allowed remote authenticated users to obtain the VNC password by using the VIRDOMAINXMLSECURE flag with a crafted 1 snapshot to the virDomainSnapshotGetXMLDesc...
Ubuntu: Security Advisory (USN-2867-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2867-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2867-1 advisory. It was discovered that libvirt incorrectly handled the firewall rules on bridge networks when the daemon was restarted. This could result in an unintende...
Oracle: Security Advisory (ELSA-2015-0323)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : libvirt (MDVSA-2015:070)
Updated libvirt packages fixes security vulnerabilities : The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in qemu/qemudriver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors CVE-2014-813...
CentOS 7 : libvirt (CESA-2015:0323)
Updated libvirt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...
libvirt security update
CentOS Errata and Security Advisory CESA-2015:0323 Updated libvirt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability...
Oracle Linux 7 : libvirt (ELSA-2015-0323)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0323 advisory. - qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs CVE-2014-8136 - CVE-2015-0236: qemu: Check ACLs when dumping security info from sa...
libvirt security, bug fix, and enhancement update
1.2.8-16.0.1 - Replace docs/et.png in tarball with blank image 1.2.8-16 - qemu: don't setup cpuset.mems if memory mode in numatune is not 'strict' rhbz1186094 - lxc: don't setup cpuset.mems if memory mode in numatune is not 'strict' rhbz1186094 1.2.8-15 - qemu: Add missing goto error in...
RedHat Update for libvirt RHSA-2015:0323-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : libvirt (RHSA-2015:0323)
Updated libvirt packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...
Fedora Update for libvirt FEDORA-2015-1883
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : libvirt-1.1.3.9-1.fc20 (2015-1883)
Rebased to version 1.1.3.9 - CVE-2015-0236: missing ACL check for the VIRDOMAINXMLSECURE flag in save images and snapshots objects bz 1185769 - CVE-2014-8136: local denial of service in qemu/qemudriver.c bz 1176179 Note that Tenable Network Security has extracted the preceding description block...
Fedora Update for libvirt FEDORA-2015-1892
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mandriva Linux Security Advisory : libvirt (MDVSA-2015:035)
Updated libvirt packages fix security vulnerability : The XML getters for for save images and snapshots objects don't check ACLs for the VIRDOMAINXMLSECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw...
openSUSE Security Update : libvirt (openSUSE-2015-112)
This update fixes the following security issues : - CVE-2015-0236: libvirt: access control bypass bsc914693 - bnc905086: libvirt cannot properly determine cpu flags with qemu-kvm - Fixed allowing devices for containers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
Updated libvirt packages fix CVE-2015-0236
Updated libvirt packages fix security vulnerability: The XML getters for save images and snapshots objects don't check ACLs for the VIRDOMAINXMLSECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw to...