Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2011-1146

Опубликовано: 15 мар. 2011
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 6.9

Описание

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

РелизСтатусПримечание
dapper

DNE

devel

released

0.8.8-1ubuntu4
hardy

not-affected

karmic

released

0.7.0-1ubuntu13.3
lucid

released

0.7.5-5ubuntu27.9
maverick

released

0.8.3-1ubuntu14.1
upstream

released

0.8.8-3

Показывать по

Ссылки на источники

EPSS

Процентиль: 79%
0.01284
Низкий

6.9 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2011-1146

redhat
больше 14 лет назад

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

nvd логотип

CVE-2011-1146

nvd
больше 14 лет назад

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

debian логотип

CVE-2011-1146

debian
больше 14 лет назад

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restri ...

github логотип

GHSA-69mw-4jhr-4j3r

github
около 3 лет назад

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

oracle-oval логотип

ELSA-2011-0391

oracle-oval
около 14 лет назад

ELSA-2011-0391: libvirt security update (IMPORTANT)

EPSS

Процентиль: 79%
0.01284
Низкий

6.9 Medium

CVSS2