Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.69444
Kategorie:Red Hat Local Security Checks
Titel:RedHat Security Advisory RHSA-2011:0479
Zusammenfassung:NOSUMMARY
Beschreibung:Description:
The remote host is missing updates announced in
advisory RHSA-2011:0479.

The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remotely managing virtualized systems.

A flaw was found in the way libvirtd handled error reporting for concurrent
connections. A remote attacker able to establish read-only connections to
libvirtd on a server could use this flaw to crash libvirtd. (CVE-2011-1486)

This update also fixes the following bug:

* Previously, running qemu under a different UID prevented it from
accessing files with mode 0660 permissions that were owned by a different
user, but by a group that qemu was a member of. (BZ#668692)

All libvirt users are advised to upgrade to these updated packages, which
contain backported patches to resolve these issues. After installing the
updated packages, libvirtd must be restarted (service libvirtd restart)
for this update to take effect.

Solution:
Please note that this update is available via
Red Hat Network. To use Red Hat Network, launch the Red
Hat Update Agent with the following command: up2date

http://rhn.redhat.com/errata/RHSA-2011-0479.html

Risk factor : Medium

CVSS Score:
3.3

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1486
BugTraq ID: 47148
http://www.securityfocus.com/bid/47148
Debian Security Information: DSA-2280 (Google Search)
http://www.debian.org/security/2011/dsa-2280
https://www.redhat.com/archives/libvir-list/2011-March/msg01087.html
http://www.redhat.com/support/errata/RHSA-2011-0478.html
http://www.redhat.com/support/errata/RHSA-2011-0479.html
http://securitytracker.com/id?1025477
http://secunia.com/advisories/44459
http://www.ubuntu.com/usn/USN-1152-1
CopyrightCopyright (c) 2011 E-Soft Inc. http://www.securityspace.com

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.