Showing 1 - 3 of 3

CVE-2011-1146

Status Candidate

Overview

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

Related Files

Gentoo Linux Security Advisory 201202-07: Posted Feb 28, 2012; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201202-7 - Multiple vulnerabilities were found in libvirt, the worst of which might allow guest OS users to read arbitrary files on the host OS. Versions less than 0.9.3-r1 are affected.; tags | advisory, arbitrary, vulnerability; systems | linux, gentoo; advisories | CVE-2011-1146, CVE-2011-1486, CVE-2011-2178, CVE-2011-2511; SHA-256 | 174a3477cdb83676abe9282ccb2195b63c18c5ee3d51f67ae0d74c3aeffc9587; Download | Favorite | View

Ubuntu Security Notice USN-1094-1: Posted Mar 29, 2011; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 1094-1 - Petr Matousek discovered that libvirt did not always honor read-only connections. An attacker who is authorized to connect to the libvirt daemon could exploit this to cause a denial of service via application crash.; tags | advisory, denial of service; systems | linux, ubuntu; advisories | CVE-2011-1146; SHA-256 | 6dd8ec7382009c91aee9deaa35b3fc69dbaca15baed81f8c368a15c73a863ca6; Download | Favorite | View

Debian Security Advisory 2194-1: Posted Mar 18, 2011; Authored by Debian | Site debian.org; Debian Linux Security Advisory 2194-1 - It was discovered that libvirt, a library for interfacing with different virtualization systems, did not properly check for read-only connections. This allowed a local attacker to perform a denial of service (crash) or possibly escalate privileges.; tags | advisory, denial of service, local; systems | linux, debian; advisories | CVE-2011-1146; SHA-256 | 6fe292b2003854868045fde6bd8c3713f1b7fb591a314c499cf94b2f6001ba6d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
Jay Turla 150 files
indoushka 139 files
Ubuntu 61 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Karn Ganeshen 23 files
Pedro Ribeiro 22 files

File Archives

Systems

AIX (429)
Apple (2,104)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,117)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,567)
HPUX (880)
iOS (387)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,066)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,731)
Slackware (941)
Solaris (1,614)
SUSE (1,444)
Ubuntu (9,807)
UNIX (9,449)
UnixWare (187)
Windows (6,762)
Other

CVE-2011-1146

Overview

Related Files

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems