CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 4CVE-2009-0036 – libvirt_proxy 0.5.1 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-0036
11 Feb 2009 — Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check. Desbordamiento de búfer en la función proxyReadClientSocket en proxy/libvirt_proxy.c en libvirt_proxy v0.5.1, podría permitir a usuarios locales elevar sus privil... • https://www.exploit-db.com/exploits/8534 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2008-5086 – libvirt: missing checks for read-only connection
https://notcve.org/view.php?id=CVE-2008-5086
19 Dec 2008 — Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions. Múltiples métodos en libvirt 0.3.2 a 0.5.1 no comprueban si una conexión es de sólo lectura, lo que permite a usuarios locales eludir restricciones de acceso y realizar acciones administrativas. • http://lists.opensuse.org/opensuse-security-announce/2009-02/msg00002.html •