Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0036


Vulnerability Score 4.4 4.4
CVE Id CVE-2009-0036
Last Modified 21 Aug 2010 01:29:36
Published 11 Feb 2009 03:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE



Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check.

Vulnerable Systems


  • Libvirt 0.5.1


MLIST - [libvir-list] 20090128 Re: [libvirt] [PATCH] proxy: Fix use of uninitalized memory

MLIST - [libvir-list] 20090127 [libvirt] [PATCH] proxy: Fix use of uninitalized memory


BID - 33724

REDHAT - RHSA-2009:0382

SECUNIA - 34397

MLIST - [oss-security] 20090210 libvirt_proxy heads up

CONFIRM -;a=commitdiff;h=2bb0657e28

Last Updated: 27 May 2016 10:49:33