Lucene search
RootSSV:4754HistoryFeb 13, 2009 - 12:00 a.m.
libvirt libvirt_proxy.c文件本地栈溢出漏洞
2009-02-1300:00:00
Root
www.seebug.org
19
EPSS
0
Percentile
10.3%
BUGTRAQ ID: 33724
CVE(CAN) ID: CVE-2009-0036
libvirt是一套免费、开源的C函数库,支持Linux下的主流虚拟化工具。
libvirt库的proxy/libvirt_proxy.c文件中的proxyReadClientSocket()函数没有正确地验证报文头,如果本地攻击者发送了特制的代理请求的话就可以触发栈溢出,导致以root用户权限执行任意代码。
libvirt 0.5.1
厂商补丁:
libvirt
目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:
<a href=“https://www.redhat.com/archives/libvir-list/2009-January/msg00699.html” target=“_blank”>https://www.redhat.com/archives/libvir-list/2009-January/msg00699.html</a>
Related
debiancve
debiancve
CVE-2009-0036
2009-02-11 20:30:00
prion
prion
Buffer overflow
2009-02-11 20:30:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:30:41
cvelist
cvelist
CVE-2009-0036
2009-02-11 20:00:00
zdt
zdt
libvirt_proxy <= 0.5.1 Local Privilege Escalation Exploit
2009-04-27 00:00:00
cve
cve
CVE-2009-0036
2009-02-11 20:30:00
ubuntucve
ubuntucve
CVE-2009-0036
2009-02-11 00:00:00
exploitpack
exploitpack
libvirt_proxy 0.5.1 - Local Privilege Escalation
2009-04-27 00:00:00
seebug
seebug
libvirt_proxy <= 0.5.1 - Local Privilege Escalation Exploit
2014-07-01 00:00:00
libvirt_proxy <= 0.5.1 Local Privilege Escalation Exploit
2009-04-28 00:00:00
exploitdb
exploitdb
libvirt_proxy 0.5.1 - Local Privilege Escalation
2009-04-27 00:00:00
nvd
nvd
CVE-2009-0036
2009-02-11 20:30:00
nessus
nessus
Scientific Linux Security Update : libvirt on SL5.x i386/x86_64
2012-08-01 00:00:00
Oracle Linux 5 : libvirt (ELSA-2009-0382)
2013-07-12 00:00:00
RHEL 5 : libvirt (RHSA-2009:0382)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2009:0382) Moderate: libvirt security update
2009-03-19 00:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:0382
2009-03-20 00:00:00
Oracle: Security Advisory (ELSA-2009-0382)
2015-10-08 00:00:00
RedHat Security Advisory RHSA-2009:0382
2009-03-20 00:00:00
oraclelinux
oraclelinux
libvirt security update
2009-03-19 00:00:00