Lucene search
K

3825 matches found

OpenVAS
OpenVAS
added 2013/02/22 12:0 a.m.26 views

RedHat Update for libvirt RHSA-2013:0276-02

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...

5CVSS7AI score0.05028EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/02/21 12:0 a.m.41 views

RHEL 6 : libvirt (RHSA-2013:0276)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0276 advisory. - libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks CVE-2012-3411 Note that Nessus has not tested for this issue but ha...

5CVSS7AI score0.05028EPSS
Exploits0References242
Tenable Nessus
Tenable Nessus
added 2013/02/21 12:0 a.m.30 views

RHEL 6 : dnsmasq (RHSA-2013:0277)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2013:0277 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS Domain Name Server forwarder and DHCP Dynamic Host Configuration Protocol server. It was...

5CVSS7AI score0.05028EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2013/02/21 12:0 a.m.32 views

SuSE 11.2 Security Update : libvirt (SAT Patch Number 7310)

libvirt was updated to fix the following security issue : - A flaw was found in the way message freeing on connection cleanup was handled under certain error conditions. A remote user able to issue commands to libvirt daemon could use this flaw to crash libvirtd or, potentially, escalate their...

6.8CVSS6.6AI score0.05774EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/02/20 4:19 p.m.3 views

libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...

5CVSS5.9AI score0.05028EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2013/02/20 4:18 p.m.38 views

Moderate: Red Hat Security Advisory: libvirt security, bug fix, and enhancement update

Updated libvirt packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

5CVSS6.8AI score0.05028EPSS
Exploits0References239
RedHat Linux
RedHat Linux
added 2013/02/20 4:18 p.m.2 views

libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...

5CVSS5.9AI score0.05028EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/02/20 12:0 a.m.3 views

PT-2013-1604 · Dnsmasq +3 · Dnsmasq +3

Name of the Vulnerable Software and Affected Versions: Dnsmasq versions prior to 2.63test1 Description: The issue allows remote attackers to cause a denial of service, specifically through traffic amplification, by sending a spoofed DNS query. This occurs when Dnsmasq is used with certain...

5CVSS8.4AI score0.05028EPSS
Exploits0References38
Tenable Nessus
Tenable Nessus
added 2013/02/13 12:0 a.m.39 views

Fedora 18 : dnsmasq-2.65-4.fc18 (2013-1357)

From dnsmasq's CHANGELOG : Add code to make behaviour for TCP DNS requests that same as for UDP requests, when a request arrives for an allowed address, but via a banned interface. This change is only active on Linux, since the relevant API is missing AFAIK on other platforms. - dnsmasq now answe...

5CVSS7.1AI score0.05028EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2013/02/12 10:6 a.m.36 views

update for libvirt (important)

Update to libvirt 0.9.11.9 stable release - Fixes CVE-2013-0170 by including cherry picked master commit 46532e3e, bnc800976 - Fix starting lxc VM e.g from OpenStack bnc793900 and rh858104...

9.3CVSS2AI score0.05774EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2013/02/12 10:4 a.m.37 views

libvirt to fix use-after-free in virNetMessageFree() (important)

libvirt was updated to fix some bugs and security issues: Security issues fixed: - Fix crash on error paths of message dispatching, CVE-2013-0170 bnc800976 - security: Fix libvirtd crash possibility CVE-2012-4423 bnc780432 Also bugs were fixed: - qemu: Fix probing for guest capabilities bnc772586...

9.3CVSS1AI score0.05774EPSS
Exploits0References5
OSV
OSV
added 2013/02/08 8:55 p.m.0 views

DEBIAN-CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

6.8CVSS7.2AI score0.05774EPSS
Exploits0References1
NVD
NVD
added 2013/02/08 8:55 p.m.18 views

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

6.8CVSS8.3AI score0.05774EPSS
Exploits0References18
OSV
OSV
added 2013/02/08 8:55 p.m.3 views

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

7.5AI score
Exploits0References23
ATTACKERKB
ATTACKERKB
added 2013/02/08 8:55 p.m.5 views

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

6.8CVSS6.2AI score0.05774EPSS
Exploits0References22
Prion
Prion
added 2013/02/08 8:55 p.m.21 views

Design/Logic Flaw

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

6.8CVSS8.1AI score0.05774EPSS
Exploits0References18Affected Software11
Cvelist
Cvelist
added 2013/02/08 8:0 p.m.20 views

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

7.2AI score0.05774EPSS
Exploits0References18
Debian CVE
Debian CVE
added 2013/02/08 8:0 p.m.30 views

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

6.8CVSS8.3AI score0.05774EPSS
Exploits0
CVE
CVE
added 2013/02/08 8:0 p.m.103 views

CVE-2013-0170

CVE-2013-0170 is a use-after-free in virNetMessageFree (rpc/virnetserverclient.c) affecting libvirt 1.0.x prior to 1.0.2, 0.10.2 prior to 0.10.2.3, 0.9.11 prior to 0.9.11.9, and 0.9.6 prior to 0.9.6.4. By triggering certain errors during an RPC connection, a freed message may remain in the queue,...

6.8CVSS7.5AI score0.05774EPSS
Exploits0References18Affected Software1
Fedora
Fedora
added 2013/02/08 2:28 a.m.48 views

[SECURITY] Fedora 17 Update: libvirt-0.9.11.9-1.fc17

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

6.8CVSS3.9AI score0.05774EPSS
Exploits0
Rows per page
Query Builder