9 matches found
MiracleLinux 7 : libvirt-4.5.0-10.el7 (AXSA:2019-3563:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3563:02 advisory. libvirt: guest could inject executable code via libnssdns.so loaded by libvirtlxc before init CVE-2018-6764 Tenable has extracted the preceding description...
Arbitrary Code Execution
libvirt is vulnerable to arbitrary code execution. Local gust OS users are able to bypass container protection mechanisms to inject and execute code via libnssdns.so loaded by libvirtlxc before init...
Scientific Linux Security Update : libvirt on SL7.x x86_64 (20181030)
Security Fixes : - libvirt: guest could inject executable code via libnssdns.so loaded by libvirtlxc before init CVE-2018-6764 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid119193; scriptversion"1.5";...
Ubuntu 14.04 LTS / 16.04 LTS : libvirt vulnerabilities (USN-3576-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3576-1 advisory. Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set ...
USN-3576-1: libvirt vulnerabilities
Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.0...
Stack overflow
Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...
CVE-2015-7547
Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...
CVE-2015-7547
Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...
CVE-2015-7547
Multiple stack-based buffer overflows in the 1 senddg and 2 sendvc functions in the libresolv library in the GNU C Library aka glibc or libc6 before 2.23 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted DNS response that triggers a call to...