Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1146

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2011-1146
Last Modified 06 Sep 2011 11:15:31
Published 15 Mar 2011 01:55:05
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1146

Summary

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

Vulnerable Systems

Application

  • Redhat Libvirt 0.8.8


References

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=683650

MLIST - [oss-security] 20110310 Re: CVE request: libvirt: several API calls do not honour read-only connection

MLIST - [oss-security] 20110309 CVE request: libvirt: several API calls do not honour read-only connection

CONFIRM - http://libvirt.org/git/?p=libvirt.git;a=commit;h=71753cb7f7a16ff800381c0b5ee4e99eea92fed3

CONFIRM - http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773

CONFIRM - https://bugzilla.novell.com/show_bug.cgi?id=678406

XF - libvirt-apicalls-dos(66012)

VUPEN - ADV-2011-0805

VUPEN - ADV-2011-0794

VUPEN - ADV-2011-0700

VUPEN - ADV-2011-0694

UBUNTU - USN-1094-1

SECTRACK - 1025262

BID - 46820

REDHAT - RHSA-2011:0391

DEBIAN - DSA-2194

SECUNIA - 44069

SECUNIA - 43917

SECUNIA - 43897

SECUNIA - 43780

SECUNIA - 43670

SUSE - openSUSE-SU-2011:0311

FEDORA - FEDORA-2011-3286


Last Updated: 27 May 2016 10:56:11