Vulnerability Name: | CVE-2009-0036 (CCN-48679) | ||||||||||||||||||||
Assigned: | 2008-12-15 | ||||||||||||||||||||
Published: | 2009-01-27 | ||||||||||||||||||||
Updated: | 2023-02-13 | ||||||||||||||||||||
Summary: | Buffer overflow in the proxyReadClientSocket function in proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to gain privileges by sending a portion of the header of a virProxyPacket packet, and then sending the remainder of the packet with crafted values in the header, related to use of uninitialized memory in a validation check. | ||||||||||||||||||||
CVSS v3 Severity: | 9.3 Critical (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
| ||||||||||||||||||||
CVSS v2 Severity: | 4.4 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P) 3.2 Low (Temporal CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
5.3 Medium (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
4.6 Medium (REDHAT Temporal CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
| ||||||||||||||||||||
Vulnerability Consequences: | Gain Privileges | ||||||||||||||||||||
References: | Source: MITRE Type: CNA CVE-2009-0036 Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: libvirt Web site libvirt: The virtualization API Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: RHSA-2009-0382 Moderate: libvirt security update Source: CCN Type: SA33868 libvirt "proxyReadClientSocket()" Buffer Overflow Vulnerability Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: BID-33724 libvirt 'libvirt_proxy.c' Local Privilege Escalation Vulnerability Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: secalert@redhat.com Type: Vendor Advisory secalert@redhat.com Source: XF Type: UNKNOWN libvirt-proxyreadclientsocket-bo(48679) Source: secalert@redhat.com Type: UNKNOWN secalert@redhat.com Source: CCN Type: libvirt-list Mailing List, Tue, 27 Jan 2009 21:33:12 +0300 [libvirt] [PATCH] proxy: Fix use of uninitalized memory Source: secalert@redhat.com Type: Exploit, Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Exploit, Vendor Advisory secalert@redhat.com Source: secalert@redhat.com Type: Exploit, Vendor Advisory secalert@redhat.com | ||||||||||||||||||||
Vulnerable Configuration: | Configuration RedHat 1: Configuration CCN 1: Denotes that component is vulnerable | ||||||||||||||||||||
Oval Definitions | |||||||||||||||||||||
| |||||||||||||||||||||
BACK |