exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2014-7823

Status Candidate

Overview

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

Related Files

Mandriva Linux Security Advisory 2015-115
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-115 - The LXC driver in libvirt 1.0.1 through 1.2.1 allows local users to delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the virDomainReboot API and a symlink attack on /dev/initctl in the container, related to paths under /proc//root and the virInitctlSetRunLevel function. Various other issues have also been addressed.

tags | advisory, denial of service, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2013-6456, CVE-2014-0179, CVE-2014-3633, CVE-2014-3657, CVE-2014-7823, CVE-2014-8136, CVE-2015-0236
SHA-256 | 6ae8444cee405a1fa17b4071c1f7b85b191e5b4db7e6d53ab6a0a1a1d4adf05d
Red Hat Security Advisory 2015-0008-01
Posted Jan 5, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0008-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. It was found that when the VIR_DOMAIN_XML_MIGRATABLE flag was used, the QEMU driver implementation of the virDomainGetXMLDesc() function could bypass the restrictions of the VIR_DOMAIN_XML_SECURE flag. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to leak certain limited information from the domain XML data.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-7823
SHA-256 | 47b92016c37dad05ce4e73dd6d9ea1d07fed20f3ca473108ec23899b17cbe915
Gentoo Linux Security Advisory 201412-04
Posted Dec 8, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-4 - Multiple vulnerabilities have been found in libvirt, worst of which allows context-dependent attackers to escalate privileges. Versions less than 1.2.9-r2 are affected.

tags | advisory, vulnerability
systems | linux, gentoo
advisories | CVE-2013-4292, CVE-2013-4296, CVE-2013-4297, CVE-2013-4399, CVE-2013-4400, CVE-2013-4401, CVE-2013-5651, CVE-2013-6436, CVE-2013-6456, CVE-2013-6457, CVE-2013-6458, CVE-2013-7336, CVE-2014-0028, CVE-2014-0179, CVE-2014-1447, CVE-2014-3633, CVE-2014-5177, CVE-2014-7823
SHA-256 | 04c111d3cb8f6077f1f1c216f9e56106ab6e31444d537f25d03e8ab04ca85eb1
Mandriva Linux Security Advisory 2014-222
Posted Nov 21, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-222 - Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-7823
SHA-256 | b1e46fa67faacfb7e538c3ab47855727400c604063f8f1f9cdcbb61a33e35d27
Red Hat Security Advisory 2014-1873-01
Posted Nov 18, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-1873-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process.

tags | advisory, remote
systems | linux, redhat
advisories | CVE-2014-3633, CVE-2014-3657, CVE-2014-7823
SHA-256 | 926fc0cc610c6630f02ce4257be003e8e729f64fc84448045e963d1964416a7a
Ubuntu Security Notice USN-2404-1
Posted Nov 11, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2404-1 - Pavel Hrdina discovered that libvirt incorrectly handled locking when processing the virConnectListAllDomains command. An attacker could use this issue to cause libvirtd to hang, resulting in a denial of service. Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2014-3657, CVE-2014-7823
SHA-256 | 2a1bca2d71d848876f8b66fcb6de56f798ff097d98d80d5f05f1c682cc308136
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    34 Files
  • 18
    Jul 18th
    6 Files
  • 19
    Jul 19th
    34 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close