 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.1.10.2019.0390 |
| Categoría: | Mageia Linux Local Security Checks |
| Título: | Mageia: Security Advisory (MGASA-2019-0390) |
| Resumen: | The remote host is missing an update for the 'libvirt, python-libvirt' package(s) announced via the MGASA-2019-0390 advisory. |
| Descripción: | Summary: The remote host is missing an update for the 'libvirt, python-libvirt' package(s) announced via the MGASA-2019-0390 advisory. Vulnerability Insight: Updated libvirt packages fix security vulnerabilities: An information leak which allowed to retrieve the guest hostname under readonly mode (CVE-2019-3886). Wrong permissions in systemd admin-sock due to missing SocketMode parameter (CVE-2019-10132). Arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161). virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166). Arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167). Arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168). Also, this update contains the libvirt adjustments, that pass through the new 'md-clear' CPU flag, to help address Intel CPU speculative execution flaws. Affected Software/OS: 'libvirt, python-libvirt' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2019-10132 FEDORA-2019-5f105dd2b6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5RANC4LWZQRVJGJHVWCU6R4CCXQMDD4L/ FEDORA-2019-9210998aaa https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CYMNKXAUBZCFBBPFH64FJPH5EJH4GSU2/ RHSA-2019:1264 https://access.redhat.com/errata/RHSA-2019:1264 RHSA-2019:1268 https://access.redhat.com/errata/RHSA-2019:1268 RHSA-2019:1455 https://access.redhat.com/errata/RHSA-2019:1455 USN-4021-1 https://usn.ubuntu.com/4021-1/ https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10132 https://security.libvirt.org/2019/0003.html Common Vulnerability Exposure (CVE) ID: CVE-2019-10161 https://security.gentoo.org/glsa/202003-18 https://usn.ubuntu.com/4047-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-10166 Common Vulnerability Exposure (CVE) ID: CVE-2019-10167 Common Vulnerability Exposure (CVE) ID: CVE-2019-10168 Common Vulnerability Exposure (CVE) ID: CVE-2019-3886 107777 http://www.securityfocus.com/bid/107777 FEDORA-2019-b2dfb13daf https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R5DHYIFECZ7BMVXK4EP4FDFZXK7I5MZH/ RHBA-2019:3723 https://access.redhat.com/errata/RHBA-2019:3723 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3886 openSUSE-SU-2019:1294 http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html |
| Copyright | Copyright (C) 2022 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |