Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:10739
HistoryJan 15, 2019 - 8:51 a.m.

Authorization Bypass

2019-01-1508:51:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

qemu-kvm is vulnerable to authorization bypass attacks. The vulnerability exists through a buffer overflow in the SCSI implementation in QEMU, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.

References

Related

nessus 16
mageia 1
fedora 3
openvas 17
cve 1
prion 1
ubuntucve 1
oraclelinux 1
redhat 3
cvelist 1
centos 1
debiancve 1
xen 1
debian 4
osv 2
ubuntu 1
securityvulns 2
suse 3
nessus
nessus
Oracle Linux 6 : qemu-kvm (ELSA-2013-1553)
2013-11-29 00:00:00
Fedora 19 : qemu-1.4.2-12.fc19 (2013-18493)
2013-10-15 00:00:00
RHEL 6 : qemu-kvm (RHSA-2013:1553)
2013-11-21 00:00:00
mageia
mageia
Updated qemu package fixes security vulnerability
2013-11-22 22:49:20
fedora
fedora
[SECURITY] Fedora 19 Update: qemu-1.4.2-12.fc19
2013-10-14 17:09:01
[SECURITY] Fedora 19 Update: qemu-1.4.2-12.fc19
2013-10-14 07:06:04
[SECURITY] Fedora 20 Update: qemu-1.6.0-10.fc20
2013-10-15 06:37:36
openvas
openvas
Fedora Update for qemu FEDORA-2013-18493
2013-10-15 00:00:00
RedHat Update for qemu-kvm RHSA-2013:1553-02
2013-11-21 00:00:00
Oracle: Security Advisory (ELSA-2013-1553)
2015-10-06 00:00:00
cve
cve
CVE-2013-4344
2013-10-04 17:55:00
prion
prion
Buffer overflow
2013-10-04 17:55:00
ubuntucve
ubuntucve
CVE-2013-4344
2013-10-04 00:00:00
oraclelinux
oraclelinux
qemu-kvm security, bug fix, and enhancement update
2013-11-21 00:00:00
redhat
redhat
(RHSA-2013:1553) Important: qemu-kvm security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1754) Important: qemu-kvm-rhev, qemu-kvm-rhev-tools, qemu-img-rhev security and bug fix update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
cvelist
cvelist
CVE-2013-4344
2013-10-04 17:00:00
centos
centos
qemu security update
2013-11-26 13:32:44
debiancve
debiancve
CVE-2013-4344
2013-10-04 17:55:00
xen
xen
qemu SCSI REPORT LUNS buffer overflow
2013-10-02 15:00:00
debian
debian
[SECURITY] [DSA 2932-1] qemu security update
2014-05-19 09:47:59
[SECURITY] [DSA 2933-1] qemu-kvm security update
2014-05-19 13:21:10
[SECURITY] [DSA 2932-1] qemu security update
2014-05-19 10:06:23
osv
osv
qemu-kvm - security update
2014-05-19 00:00:00
qemu - security update
2014-05-19 00:00:00
ubuntu
ubuntu
QEMU vulnerabilities
2014-01-30 00:00:00
securityvulns
securityvulns
[USN-2092-1] QEMU vulnerabilities
2014-02-01 00:00:00
QEMU / Xen multiple security vulnerabilities
2014-02-01 00:00:00
suse
suse
Security update for kvm (important)
2014-05-08 19:04:16
xen: security and bugfix update (important)
2014-10-09 13:04:44
xen: security and bugfix update (important)
2014-10-09 13:09:07

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for VERACODE:10739
nessus16mageia1fedora3openvas17cve1prion1ubuntucve1oraclelinux1redhat3cvelist1centos1debiancve1xen1debian4osv2ubuntu1securityvulns2suse3