Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

fstec Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

BDU:2015-05532

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 01 янв. 2015
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: fstec
CVSS2: 9.3
EPSS Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ

ОписаниС

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ ΠΏΠ°ΠΊΠ΅Ρ‚Π° libvirt-client-debuginfo-32bit ΠΎΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½ΠΎΠΉ систСмы openSUSE, эксплуатация ΠΊΠΎΡ‚ΠΎΡ€ΠΎΠΉ ΠΌΠΎΠΆΠ΅Ρ‚ привСсти ΠΊ Π½Π°Ρ€ΡƒΡˆΠ΅Π½ΠΈΡŽ ΠΊΠΎΠ½Ρ„ΠΈΠ΄Π΅Π½Ρ†ΠΈΠ°Π»ΡŒΠ½ΠΎΡΡ‚ΠΈ, цСлостности ΠΈ доступности Π·Π°Ρ‰ΠΈΡ‰Π°Π΅ΠΌΠΎΠΉ ΠΈΠ½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΠΈ. Эксплуатация уязвимости ΠΌΠΎΠΆΠ΅Ρ‚ Π±Ρ‹Ρ‚ΡŒ осущСствлСна ΡƒΠ΄Π°Π»Π΅Π½Π½ΠΎ

Π’Π΅Π½Π΄ΠΎΡ€

Novell Inc.

НаимСнованиС ПО

openSUSE

ВСрсия ПО

12.2 (openSUSE)

Вип ПО

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Π°Ρ систСма

ΠžΠΏΠ΅Ρ€Π°Ρ†ΠΈΠΎΠ½Π½Ρ‹Π΅ систСмы ΠΈ Π°ΠΏΠΏΠ°Ρ€Π°Ρ‚Π½Ρ‹Π΅ ΠΏΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΡ‹

-

Π£Ρ€ΠΎΠ²Π΅Π½ΡŒ опасности уязвимости

Высокий ΡƒΡ€ΠΎΠ²Π΅Π½ΡŒ опасности (базовая ΠΎΡ†Π΅Π½ΠΊΠ° CVSS 2.0 составляСт 9,3)

Π’ΠΎΠ·ΠΌΠΎΠΆΠ½Ρ‹Π΅ ΠΌΠ΅Ρ€Ρ‹ ΠΏΠΎ ΡƒΡΡ‚Ρ€Π°Π½Π΅Π½ΠΈΡŽ уязвимости

Установка обновлСния Π² соотвСтствии с инструкциСй ΠΏΠΎ бСзопасности, доступной ΠΏΠΎ адрСсу: http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00002.html

Бтатус уязвимости

ΠŸΠΎΠ΄Ρ‚Π²Π΅Ρ€ΠΆΠ΄Π΅Π½Π° ΠΏΡ€ΠΎΠΈΠ·Π²ΠΎΠ΄ΠΈΡ‚Π΅Π»Π΅ΠΌ

НаличиС эксплойта

Π”Π°Π½Π½Ρ‹Π΅ ΡƒΡ‚ΠΎΡ‡Π½ΡΡŽΡ‚ΡΡ

Π˜Π½Ρ„ΠΎΡ€ΠΌΠ°Ρ†ΠΈΡ ΠΎΠ± устранСнии

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ устранСна

Бсылки Π½Π° источники

Π˜Π΄Π΅Π½Ρ‚ΠΈΡ„ΠΈΠΊΠ°Ρ‚ΠΎΡ€Ρ‹ Π΄Ρ€ΡƒΠ³ΠΈΡ… систСм описаний уязвимостСй

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 95%
0.2022
Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ

9.3 Critical

CVSS2

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2013-0170

ubuntu
ΠΎΠΊΠΎΠ»ΠΎ 13 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2013-0170

redhat
ΠΎΠΊΠΎΠ»ΠΎ 13 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2013-0170

nvd
ΠΎΠΊΠΎΠ»ΠΎ 13 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2013-0170

debian
ΠΎΠΊΠΎΠ»ΠΎ 13 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Use-after-free vulnerability in the virNetMessageFree function in rpc/ ...

github Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

GHSA-rhxc-pp54-8x28

github
ΠΏΠΎΡ‡Ρ‚ΠΈ 4 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 95%
0.2022
Π‘Ρ€Π΅Π΄Π½ΠΈΠΉ

9.3 Critical

CVSS2

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ BDU:2015-05532