Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.870662
Category:Red Hat Local Security Checks
Title:RedHat Update for virt-v2v RHSA-2011:1615-03
Summary:The remote host is missing an update for the 'virt-v2v'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'virt-v2v'
package(s) announced via the referenced advisory.

Vulnerability Insight:
virt-v2v is a tool for converting and importing virtual machines to
libvirt-managed KVM (Kernel-based Virtual Machine), or Red Hat Enterprise
Virtualization.

Using virt-v2v to convert a guest that has a password-protected VNC console
to a KVM guest removed that password protection from the converted guest:
after conversion, a password was not required to access the converted
guest's VNC console. Now, converted guests will require the same VNC
console password as the original guest. Note that when converting a guest
to run on Red Hat Enterprise Virtualization, virt-v2v will display a
warning that VNC passwords are not supported. (CVE-2011-1773)

Note: The Red Hat Enterprise Linux 6.2 perl-Sys-Virt update must also be
installed to correct CVE-2011-1773.

Bug fixes:

* When converting a guest virtual machine (VM), whose name contained
certain characters, virt-v2v would create a converted guest with a
corrupted name. Now, virt-v2v will not corrupt guest names. (BZ#665883)

* There were numerous usability issues when running virt-v2v as a non-root
user. This update makes it simpler to run virt-v2v as a non-root user.
(BZ#671094)

* virt-v2v failed to convert a Microsoft Windows guest with Windows
Recovery Console installed in a separate partition. Now, virt-v2v will
successfully convert a guest with Windows Recovery Console installed in a
separate partition by ignoring that partition. (BZ#673066)

* virt-v2v failed to convert a Red Hat Enterprise Linux guest which did not
have the symlink '/boot/grub/menu.lst'. With this update, virt-v2v can
select a grub configuration file from several places. (BZ#694364)

* This update removes information about the usage of deprecated command
line options in the virt-v2v man page. (BZ#694370)

* virt-v2v would fail to correctly change the allocation policy, (sparse or
preallocated) when converting a guest with QCOW2 image format. The error
message 'Cannot import VM, The selected disk configuration is not
supported' was displayed. With this update, allocation policy changes to a
guest with QCOW2 storage will work correctly. (BZ#696089)

* The options '--network' and '--bridge' can not be used
in conjunction when converting a guest, but no error message was displayed.
With this update, virt-v2v will now display an error message if the mutually
exclusive '--network' and '--bridge' command line opti ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
virt-v2v on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
4.4

CVSS Vector:
AV:L/AC:M/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2011-1773
http://www.osvdb.org/77558
RedHat Security Advisories: RHSA-2011:1615
http://rhn.redhat.com/errata/RHSA-2011-1615.html
http://secunia.com/advisories/47086
CopyrightCopyright (c) 2012 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.