what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2016-9578

Status Candidate

Overview

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash.

Related Files

Red Hat Security Advisory 2017-0549-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0549-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The following packages have been upgraded to a later upstream version: redhat-release-virtualization-host, imgbased, redhat-virtualization-host.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 0052f605c3d35e88430203ed2b5f303e9cc564420ae6b663866eb01d683189bb
Red Hat Security Advisory 2017-0552-01
Posted Mar 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0552-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. The following packages have been upgraded to a later upstream version: rhevm-appliance. Security Fix: A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution.

tags | advisory, overflow, code execution, protocol
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 7e67cfe68d03ce819942763349967d9a4ad4a5691416b3afd8bf7afc654d4a38
Ubuntu Security Notice USN-3202-1
Posted Feb 20, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3202-1 - Frediano Ziglio discovered that Spice incorrectly handled certain client messages. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 48b335caa3db2e8cecc79f87924e6e7b7ef20b603e40720f1f3f109a03a9d3af
Debian Security Advisory 3790-1
Posted Feb 17, 2017
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3790-1 - Several vulnerabilities were discovered in spice, a SPICE protocol client and server library.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 49cc794953e2a7fa3792442d95f833015b85f773dc7987a963b5beab5882e82d
Red Hat Security Advisory 2017-0253-01
Posted Feb 6, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0253-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Security Fix: A vulnerability was discovered in spice in the server's protocol handling. An authenticated attacker could send crafted messages to the spice server causing a heap overflow leading to a crash or possible code execution.

tags | advisory, remote, overflow, kernel, local, code execution, protocol
systems | linux, redhat
advisories | CVE-2016-9577, CVE-2016-9578
SHA-256 | 3b05e371a8595c3a3a6ba71be3971ec45d371772de224a05c43bbab4abe10677
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close