Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.842034
Kategorie:Ubuntu Local Security Checks
Titel:Ubuntu Update for libvirt USN-2404-1
Zusammenfassung:The remote host is missing an update for the 'libvirt'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'libvirt'
package(s) announced via the referenced advisory.

Vulnerability Insight:
Pavel Hrdina discovered that libvirt
incorrectly handled locking when processing the virConnectListAllDomains command.
An attacker could use this issue to cause libvirtd to hang, resulting in a denial
of service. (CVE-2014-3657)

Eric Blake discovered that libvirt incorrectly handled permissions when
processing the qemuDomainFormatXML command. An attacker with read-only
privileges could possibly use this to gain access to certain information
from the domain xml file. (CVE-2014-7823)

Affected Software/OS:
libvirt on Ubuntu 14.10,
Ubuntu 14.04 LTS

Solution:
Please Install the Updated Packages.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2014-3657
RedHat Security Advisories: RHSA-2014:1352
http://rhn.redhat.com/errata/RHSA-2014-1352.html
http://secunia.com/advisories/60291
http://secunia.com/advisories/62303
SuSE Security Announcement: openSUSE-SU-2014:1290 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-10/msg00014.html
SuSE Security Announcement: openSUSE-SU-2014:1293 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-10/msg00017.html
http://www.ubuntu.com/usn/USN-2404-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7823
http://security.gentoo.org/glsa/glsa-201412-04.xml
http://secunia.com/advisories/60010
http://secunia.com/advisories/60895
http://secunia.com/advisories/62058
SuSE Security Announcement: openSUSE-SU-2014:1471 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00083.html
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.