CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 4CVE-2009-0036 – libvirt_proxy 0.5.1 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-0036
Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check. Desbordamiento de búfer en la función proxyReadClientSocket en proxy/libvirt_proxy.c en libvirt_proxy v0.5.1, podría permitir a usuarios locales elevar sus privilegios mediante el envío de una parte de la cabecera de un paquete virProxyPacket y posteriormente enviando el resto del paquete con valores manipulados en la cabecera del mismo. Relacionado con el uso de memoria que no ha sido inicializada en un control de validación. • https://www.exploit-db.com/exploits/8534 http://git.et.redhat.com/?p=libvirt.git%3Ba=commitdiff%3Bh=2bb0657e28 http://openwall.com/lists/oss-security/2009/02/10/8 http://secunia.com/advisories/34397 http://www.redhat.com/support/errata/RHSA-2009-0382.html http://www.securityfocus.com/bid/33724 https://bugzilla.redhat.com/show_bug.cgi?id=484947 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10127 https://www.redhat.com/archives/libv • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 7EXPL: 0CVE-2008-5086 – libvirt: missing checks for read-only connection
https://notcve.org/view.php?id=CVE-2008-5086
Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions. Múltiples métodos en libvirt 0.3.2 a 0.5.1 no comprueban si una conexión es de sólo lectura, lo que permite a usuarios locales eludir restricciones de acceso y realizar acciones administrativas. • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html http://osvdb.org/50919 http://secunia.com/advisories/33198 http://secunia.com/advisories/33217 http://secunia.com/advisories/33292 http://secunia.com/advisories/34397 http://www.redhat.com/archives/fedora-package-announce/2008-December/msg00938.html http://www.redhat.com/support/errata/RHSA-2009-0382.html http://www.securityfocus.com/bid/32905 http://www.ubuntu.com/usn/usn-694-1 https://bugzilla.r •