Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2013-0294)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2013.0294

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2013-0294)

Resumen: The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2013-0294 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2013-0294 advisory.

Vulnerability Insight:
It was discovered that libvirt incorrectly handled certain memory stats
requests. A remote attacker could use this issue to cause libvirt to
crash, resulting in a denial of service (CVE-2013-4296).

It was discovered that libvirt incorrectly handled certain bitmap
operations. A remote attacker could use this issue to cause libvirt to
crash, resulting in a denial of service (CVE-2013-5651).

Additionally, an update for a PolicyKit security issue required libvirt to
be updated to use a different API that is not affected by this security
issue (CVE-2013-4311).

Affected Software/OS:
'libvirt' package(s) on Mageia 2, Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2013-4296
60895
http://secunia.com/advisories/60895
DSA-2764
http://www.debian.org/security/2013/dsa-2764
GLSA-201412-04
http://security.gentoo.org/glsa/glsa-201412-04.xml
RHSA-2013:1272
http://rhn.redhat.com/errata/RHSA-2013-1272.html
RHSA-2013:1460
http://rhn.redhat.com/errata/RHSA-2013-1460.html
USN-1954-1
http://www.ubuntu.com/usn/USN-1954-1
http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0
http://wiki.libvirt.org/page/Maintenance_Releases
https://bugzilla.redhat.com/show_bug.cgi?id=1006173
openSUSE-SU-2013:1549
http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html
openSUSE-SU-2013:1550
http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4311
[oss-security] 20130918 Re: Fwd: [vs-plain] polkit races
http://www.openwall.com/lists/oss-security/2013/09/18/6
Common Vulnerability Exposure (CVE) ID: CVE-2013-5651
http://www.openwall.com/lists/oss-security/2013/08/30/1
SuSE Security Announcement: openSUSE-SU-2013:1550 (Google Search)

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2013.0294
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2013-0294)
Resumen:	The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2013-0294 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2013-0294 advisory. Vulnerability Insight: It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service (CVE-2013-4296). It was discovered that libvirt incorrectly handled certain bitmap operations. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service (CVE-2013-5651). Additionally, an update for a PolicyKit security issue required libvirt to be updated to use a different API that is not affected by this security issue (CVE-2013-4311). Affected Software/OS: 'libvirt' package(s) on Mageia 2, Mageia 3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2013-4296 60895 http://secunia.com/advisories/60895 DSA-2764 http://www.debian.org/security/2013/dsa-2764 GLSA-201412-04 http://security.gentoo.org/glsa/glsa-201412-04.xml RHSA-2013:1272 http://rhn.redhat.com/errata/RHSA-2013-1272.html RHSA-2013:1460 http://rhn.redhat.com/errata/RHSA-2013-1460.html USN-1954-1 http://www.ubuntu.com/usn/USN-1954-1 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0 http://wiki.libvirt.org/page/Maintenance_Releases https://bugzilla.redhat.com/show_bug.cgi?id=1006173 openSUSE-SU-2013:1549 http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html openSUSE-SU-2013:1550 http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html Common Vulnerability Exposure (CVE) ID: CVE-2013-4311 [oss-security] 20130918 Re: Fwd: [vs-plain] polkit races http://www.openwall.com/lists/oss-security/2013/09/18/6 Common Vulnerability Exposure (CVE) ID: CVE-2013-5651 http://www.openwall.com/lists/oss-security/2013/08/30/1 SuSE Security Announcement: openSUSE-SU-2013:1550 (Google Search)
Copyright	Copyright (C) 2022 Greenbone AG