Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-5086

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2008-5086
Last Modified 08 Sep 2013 01:40:53
Published 19 Dec 2008 12:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2008-5086

Summary

Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.

Vulnerable Systems

Application

  • Libvirt 0.3.2

  • Libvirt 0.3.3

  • Libvirt 0.4.1

  • Libvirt 0.4.2

  • Libvirt 0.4.6

  • Libvirt 0.5.0

  • Libvirt 0.5.1


References

BID - 32905

MLIST - [libvirt] 20081217 [SECURITY] PATCH: Fix missing read-only access checks (CVE-2008-5086)

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=476560

UBUNTU - USN-694-1

REDHAT - RHSA-2009:0382

FEDORA - FEDORA-2008-11433

SECUNIA - 34397

SECUNIA - 33292

SECUNIA - 33217

SECUNIA - 33198

OSVDB - 50919

SUSE - SUSE-SR:2009:004


Last Updated: 27 May 2016 10:48:42