7 matches found
Information Disclosure
libvirt is vulnerable to information disclosure. It was discovered that the virDomainSnapshotGetXMLDesc and virDomainSaveImageGetXMLDesc functions did not sufficiently limit the usage of the VIRDOMAINXMLSECURE flag when fine-grained ACLs were enabled. A remote attacker able to establish a...
libvirt information disclosure
It's possible to manipulate VIRDOMAINXMLSECURE flag...
CVE-2015-0236
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIRDOMAINXMLSECURE flag with a crafted 1 snapshot to the virDomainSnapshotGetXMLDesc interface or 2 image to the virDomainSaveImageGetXMLDesc interface...
UBUNTU-CVE-2015-0236
libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIRDOMAINXMLSECURE flag with a crafted 1 snapshot to the virDomainSnapshotGetXMLDesc interface or 2 image to the virDomainSaveImageGetXMLDesc interface...
CVE-2014-7823
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...
CVE-2014-7823
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...
CVE-2014-7823
The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...