|
|
Subscribe / Log in / New account

libvirt: information leak

Package(s):libvirt CVE #(s):CVE-2015-0236
Created:February 2, 2015 Updated:February 17, 2015
Description: From the CVE entry

libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.

Alerts:
Ubuntu USN-2867-1 libvirt 2016-01-12
Mandriva MDVSA-2015:115 libvirt 2015-03-29
Mandriva MDVSA-2015:070 libvirt 2015-03-27
Scientific Linux SLSA-2015:0323-2 libvirt 2015-03-25
Fedora FEDORA-2015-1883 libvirt 2015-02-17
Fedora FEDORA-2015-1892 libvirt 2015-02-15
Oracle ELSA-2015-0323 libvirt 2015-03-12
Red Hat RHSA-2015:0323-01 libvirt 2015-03-05
openSUSE openSUSE-SU-2015:0225-1 libvirt 2015-02-06
Mandriva MDVSA-2015:035 libvirt 2015-02-06
Mageia MGASA-2015-0046 libvirt 2015-01-31
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds