EUVD-2013-0314

Malware in sbrugna...

RHEL 7 : ovirt-node (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ovirt-node: unsafe quoting in command lines CVE-2014-8170 Note that Nessus has not tested for this issue but has...

Important: Red Hat Security Advisory: Red Hat Virtualization Host 4.4.z SP 1 security update batch#5 (oVirt-4.5.3-5)

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

Important: Red Hat Security Advisory: Red Hat Virtualization Host security and enhancement update [ovirt-4.4.10] Async #2

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

Important: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat Virtualization security, bug fix, and enhancement update

An update for cockpit-ovirt, redhat-release-virtualization-host, redhat-virtualization-host, and v2v-conversion-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

CVE-2013-0293

oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation...

Privilege escalation

oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation...

CVE-2013-0293

oVirt Node: Lock screen accepts F2 to drop to shell causing privilege escalation...

CVE-2013-0293

The CVE-2013-0293 entry concerns oVirt Node. The issue occurs when the lock screen accepts F2 to drop to a shell, enabling local privilege escalation from a non-privileged state to a higher-privilege level. Per NVD, the vulnerability is local with low attack complexity and no authentication, and ...

Important: Red Hat Security Advisory: redhat-virtualization-host security update

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

(RHSA-2018:0044) Important: redhat-virtualization-host security update

The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts RHVH are installed using a special build of Red Hat Enterprise Linux with only the packages required to host...

Red Hat Enterprise Virtualization ovirt-node formatting string vulnerability

Red Hat Enterprise Virtualization RHEV is a suite of virtualization management solutions for servers and desktops enterprise virtualization platform from Red Hat, Inc. that provides live migration, load balancing, and more. ovirt-node is one of the open source virtualization management platform...

CVE-2014-8170

ovirtsafedeleteconfig in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary...

CVE-2014-8170

CVE-2014-8170 affects ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3. The issue stems from ovirt_safe_delete_config in ovirtfunctions.py (and other locations) not properly quoting input strings, enabling arbitrary command execution when a semicolon is included in...

CVE-2014-8170

ovirtsafedeleteconfig in ovirtfunctions.py and other unspecified locations in ovirt-node 3.0.0-474-gb852fd7 as packaged in Red Hat Enterprise Virtualization 3 do not properly quote input strings, which allows remote authenticated users and physically proximate attackers to execute arbitrary...

RHEL 6 : rhev-hypervisor6 (RHSA-2012:1505)

An updated rhev-hypervisor6 package that fixes one security issue, various bugs, and adds enhancements is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

RHEL 6 : rhev-hypervisor6 (RHSA-2012:1375)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:1375 advisory. The rhev-hypervisor6 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update

An updated rhev-hypervisor6 package that fixes one security issue and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...