Page 67 of 343 results (0.025 seconds)

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

Off-by-one error in monitor.c in Qemu 0.9.1 might make it easier for remote attackers to guess the VNC password, which is limited to seven characters where eight was intended. Error de superación de límite (off-by-one) en monitor.c en Qemu 0.9.1 podría facilitar a atacantes remotos adivinar la contraseña VNC, que está limitada a siete caracteres cuando se habrían previsto ocho. • http://lists.gnu.org/archive/html/qemu-devel/2008-11/msg01224.html http://lists.gnu.org/archive/html/qemu-devel/2008-12/msg00498.html http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/33568 http://secunia.com/advisories/34642 http://secunia.com/advisories/35062 http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=5966 http://svn.savannah&# • CWE-189: Numeric Errors •

CVSS: 5.0EPSS: 8%CPEs: 108EXPL: 3

The protocol_client_msg function in vnc.c in the VNC server in (1) Qemu 0.9.1 and earlier and (2) KVM kvm-79 and earlier allows remote attackers to cause a denial of service (infinite loop) via a certain message. La función protocol_client_msg en vnc.c en el servidor VNC en (1) Qemu 0.9.1 y anteriores y (2) KVM kvm-79 y anteriores permite a atacantes remotos provocar una denegación de servicio (bucle infinito) mediante un cierto mensaje. • https://www.exploit-db.com/exploits/32675 http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/33293 http://secunia.com/advisories/33303 http://secunia.com/advisories/33350 http://secunia.com/advisories/33568 http://secunia.com/advisories/34642 http://secunia.com/advisories/35062 http://securityreason.com/securityalert/4803 http://securitytracker.com/id?1021488 • CWE-399: Resource Management Errors •

CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 2

qemu-make-debian-root in qemu 0.9.1-5 on Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files and directories. qemu-make-debian-root de qemu 0.9.1-5 en Debian GNU/Linux permite a usuarios locales sobrescribir archivos de su elección mediante un ataque de enlaces simbólicos en archivos y directorios temporales. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=496394 http://dev.gentoo.org/~rbu/security/debiantemp/qemu http://secunia.com/advisories/32335 http://uvw.ru/report.lenny.txt http://www.debian.org/security/2008/dsa-1657 http://www.openwall.com/lists/oss-security/2008/10/13/2 http://www.openwall.com/lists/oss-security/2008/10/14/4 http://www.openwall.com/lists/oss-security/2008/10/30/2 http://www.securityfocus.com/bid/30931 https://bugs.gentoo. • CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVSS: 2.1EPSS: 0%CPEs: 14EXPL: 0

QEMU 0.9.0 does not properly handle changes to removable media, which allows guest OS users to read arbitrary files on the host OS by using the diskformat: parameter in the -usbdevice option to modify the disk-image header to identify a different format, a related issue to CVE-2008-2004. QEMU 0.9.0 no maneja apropiadamente cambio de medios extraíbles, lo cual permite a usuarios invitados del sistema operativo leer ficheros de su elección en el Host del sistema operativo utilizando el diskformat: parámetro en la opción -usbdevice para modificar la cabecera disk-image para identificar un formato diferente, una cuestión relacionada a CVE-2008-2004. • http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html http://secunia.com/advisories/32063 http://secunia.com/advisories/32088 http://secunia.com/advisories/34642 http://secunia.com/advisories/35031 http://secunia.com/advisories/35062 http://www.debian.org/security/2009/dsa-1799 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.securityfocus.com/bid/30604 http://www.securitytracker.com/id?1020959 http://www.ubuntu.com/usn/usn-776& •

CVSS: 4.9EPSS: 0%CPEs: 1EXPL: 1

The drive_init function in QEMU 0.9.1 determines the format of a raw disk image based on the header, which allows local guest users to read arbitrary files on the host by modifying the header to identify a different format, which is used when the guest is restarted. La función drive_init en QEMU 0.9.1 determina el formato de una imagen de disco en bruto basada en la cabecera, lo que permite a usuarios locales invitados leer archivos de su elección en el host modificando la cabecera para identificar un formato distinto, lo que se usa cuando el invitado se reinicia. • http://lists.gnu.org/archive/html/qemu-devel/2008-04/msg00675.html http://secunia.com/advisories/29129 http://secunia.com/advisories/29963 http://secunia.com/advisories/30111 http://secunia.com/advisories/30717 http://secunia.com/advisories/35062 http://svn.savannah.gnu.org/viewvc/?view=rev&root=qemu&revision=4277 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://www.novell.com/linux/security/advisories/2008_13_sr.html http://www.redhat.com/support&#x • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •