9.3 - USN-1708-1

Executive Summary

Summary
Title	libvirt vulnerabilities

Informations
Name	USN-1708-1	First vendor Publication	2013-01-29
Vendor	Ubuntu	Last vendor Modification	2013-01-29
Severity (Vendor)	N/A	Revision	N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.10 - Ubuntu 12.04 LTS

Summary:

libvirt could be made to crash or run programs if it received specially crafted network traffic.

Software Description: - libvirt: Libvirt virtualization toolkit

Details:

Wenlong Huang discovered that libvirt incorrectly handled certain RPC calls. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2012-4423)

Tingting Zheng discovered that libvirt incorrectly handled cleanup under certain error conditions. A remote attacker could exploit this and cause libvirt to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-0170)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 12.10:
libvirt-bin 0.9.13-0ubuntu12.2
libvirt0 0.9.13-0ubuntu12.2

Ubuntu 12.04 LTS:
libvirt-bin 0.9.8-2ubuntu17.7
libvirt0 0.9.8-2ubuntu17.7

After a standard system update you need to reboot your computer to make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1708-1
CVE-2012-4423, CVE-2013-0170

Package Information:
https://launchpad.net/ubuntu/+source/libvirt/0.9.13-0ubuntu12.2
https://launchpad.net/ubuntu/+source/libvirt/0.9.8-2ubuntu17.7

Original Source

Url : http://www.ubuntu.com/usn/USN-1708-1

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-416	Use After Free

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:18188

Oval ID:	oval:org.mitre.oval:def:18188
Title:	USN-1708-1 -- libvirt vulnerabilities
Description:	libvirt could be made to crash or run programs if it received specially crafted network traffic.
Family:	unix	Class:	patch
Reference(s):	USN-1708-1 CVE-2012-4423 CVE-2013-0170	Version:	7
Platform(s):	Ubuntu 12.10 Ubuntu 12.04	Product(s):	libvirt
Definition Synopsis:
Release section Ubuntu 12.10 is installed Packages match section libvirt-bin DPKG is earlier than 0.9.13-0ubuntu12.2 AND libvirt0 DPKG is earlier than 0.9.13-0ubuntu12.2 AND Release section Ubuntu 12.04 is installed Packages match section libvirt-bin DPKG is earlier than 0.9.8-2ubuntu17.7 AND libvirt0 DPKG is earlier than 0.9.8-2ubuntu17.7

Definition Id: oval:org.mitre.oval:def:20985

Oval ID:	oval:org.mitre.oval:def:20985
Title:	RHSA-2013:0199: libvirt security update (Important)
Description:	Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.
Family:	unix	Class:	patch
Reference(s):	RHSA-2013:0199-01 CESA-2013:0199 CVE-2013-0170	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	libvirt
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND CentOS Linux 6.x Packages section libvirt-devel is earlier than 0:0.9.10-21.el6_3.8 AND libvirt-python is earlier than 0:0.9.10-21.el6_3.8 AND libvirt-client is earlier than 0:0.9.10-21.el6_3.8 AND libvirt-lock-sanlock is earlier than 0:0.9.10-21.el6_3.8 AND libvirt is earlier than 0:0.9.10-21.el6_3.8

Definition Id: oval:org.mitre.oval:def:21298

Oval ID:	oval:org.mitre.oval:def:21298
Title:	RHSA-2012:1359: libvirt security and bug fix update (Moderate)
Description:	The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table.
Family:	unix	Class:	patch
Reference(s):	RHSA-2012:1359-01 CESA-2012:1359 CVE-2012-4423	Version:	4
Platform(s):	Red Hat Enterprise Linux 6 CentOS Linux 6	Product(s):	libvirt
Definition Synopsis:
Redhat 6 or Centos 6 release The operating system installed on the system is Red Hat Enterprise Linux 6 AND The operating system installed on the system is CentOS Linux 6.x Packages section libvirt-devel is earlier than 0:0.9.10-21.el6_3.5 AND libvirt-client is earlier than 0:0.9.10-21.el6_3.5 AND libvirt-python is earlier than 0:0.9.10-21.el6_3.5 AND libvirt-lock-sanlock is earlier than 0:0.9.10-21.el6_3.5 AND libvirt is earlier than 0:0.9.10-21.el6_3.5

Definition Id: oval:org.mitre.oval:def:23681

Oval ID:	oval:org.mitre.oval:def:23681
Title:	ELSA-2013:0199: libvirt security update (Important)
Description:	Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.
Family:	unix	Class:	patch
Reference(s):	ELSA-2013:0199-01 CVE-2013-0170	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	libvirt
Definition Synopsis:
Oracle Linux 6.x rpm test libvirt-devel is earlier than 0:0.9.10-21.el6_3.8 AND libvirt-python is earlier than 0:0.9.10-21.el6_3.8 AND libvirt-client is earlier than 0:0.9.10-21.el6_3.8 AND libvirt-lock-sanlock is earlier than 0:0.9.10-21.el6_3.8 AND libvirt is earlier than 0:0.9.10-21.el6_3.8

Definition Id: oval:org.mitre.oval:def:23737

Oval ID:	oval:org.mitre.oval:def:23737
Title:	ELSA-2012:1359: libvirt security and bug fix update (Moderate)
Description:	The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table.
Family:	unix	Class:	patch
Reference(s):	ELSA-2012:1359-01 CVE-2012-4423	Version:	6
Platform(s):	Oracle Linux 6	Product(s):	libvirt
Definition Synopsis:
Oracle Linux 6.x rpm test libvirt-devel is earlier than 0:0.9.10-21.el6_3.5 AND libvirt-client is earlier than 0:0.9.10-21.el6_3.5 AND libvirt-python is earlier than 0:0.9.10-21.el6_3.5 AND libvirt-lock-sanlock is earlier than 0:0.9.10-21.el6_3.5 AND libvirt is earlier than 0:0.9.10-21.el6_3.5

Definition Id: oval:org.mitre.oval:def:25946

Oval ID:	oval:org.mitre.oval:def:25946
Title:	SUSE-SU-2013:0320-1 -- Security update for libvirt
Description:	libvirt was updated to fix the following security issue: * A flaw was found in the way message freeing on connection cleanup was handled under certain error conditions. A remote user able to issue commands to libvirt daemon could use this flaw to crash libvirtd or, potentially, escalate their privilages to that of libvirtd process. (CVE-2013-0170) Also following bug has been fixed: * Add managedSave functions to legacy xen driver bnc#782311 Security Issue reference: * CVE-2013-0170 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0170 >
Family:	unix	Class:	patch
Reference(s):	SUSE-SU-2013:0320-1 CVE-2013-0170	Version:	3
Platform(s):	SUSE Linux Enterprise Server 11 SUSE Linux Enterprise Desktop 11	Product(s):	libvirt
Definition Synopsis:
Operation system section SUSE Linux Enterprise Server 11.x is installed AND SUSE Linux Enterprise Desktop 11.x is installed Packages match section libvirt RPM is earlier than 0:0.9.6-0.25.1 AND libvirt-client RPM is earlier than 0:0.9.6-0.25.1 AND libvirt-doc RPM is earlier than 0:0.9.6-0.25.1 AND libvirt-python RPM is earlier than 0:0.9.6-0.25.1 AND libvirt-client-32bit RPM is earlier than 0:0.9.6-0.25.1

Definition Id: oval:org.mitre.oval:def:27095

Oval ID:	oval:org.mitre.oval:def:27095
Title:	DEPRECATED: ELSA-2013-0199 -- libvirt security update (important)
Description:	[libvirt-0.9.10-21.0.1.el6_3.8] - Replace docs/et.png in tarball with blank image [0.9.10-21.el6_3.8] - rpc: Fix crash on error paths of message dispatching (CVE-2013-0170)
Family:	unix	Class:	patch
Reference(s):	ELSA-2013-0199 CVE-2013-0170	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	libvirt
Definition Synopsis:
Oracle Linux 6.x Packages match section libvirt is earlier than 0:0.9.10-21.0.1.el6_3.8 AND libvirt-client is earlier than 0:0.9.10-21.0.1.el6_3.8 AND libvirt-devel is earlier than 0:0.9.10-21.0.1.el6_3.8 AND libvirt-python is earlier than 0:0.9.10-21.0.1.el6_3.8

Definition Id: oval:org.mitre.oval:def:27646

Oval ID:	oval:org.mitre.oval:def:27646
Title:	DEPRECATED: ELSA-2012-1359 -- libvirt security and bug fix update (moderate)
Description:	[libvirt-0.9.10-21.0.1.el6_3.5] - Replace docs/et.png in tarball with blank image [libvirt-0.9.10-21.el6_3.5] - security: Fix libvirtd crash possibility (CVE-2012-4423) - Fix augeas test of shared sanlock leases (rhbz#858988) - qemu augeas: Add spice_tls/spice_tls_x509_cert_dir (rhbz#858988) - Fix mistakes in augeas lens (rhbz#858988) - qemu: Fix failure path in disk hotplug (rhbz#859376) - blockjob: Relabel entire existing chain (rhbz#860720)
Family:	unix	Class:	patch
Reference(s):	ELSA-2012-1359 CVE-2012-4423	Version:	4
Platform(s):	Oracle Linux 6	Product(s):	libvirt
Definition Synopsis:
Oracle Linux 6.x Packages match section libvirt is earlier than 0:0.9.10-21.0.1.el6_3.5 AND libvirt-client is earlier than 0:0.9.10-21.0.1.el6_3.5 AND libvirt-devel is earlier than 0:0.9.10-21.0.1.el6_3.5 AND libvirt-python is earlier than 0:0.9.10-21.0.1.el6_3.5

CPE : Common Platform Enumeration

Type	Description	Count
Application	Redhat Libvirt cpe:2.3:a:redhat:libvirt:1.0.1:rc1:::::: cpe:2.3:a:redhat:libvirt:1.0.1:rc2:::::: cpe:2.3:a:redhat:libvirt:1.0.1:-:::::: cpe:2.3:a:redhat:libvirt:1.0.0:rc1:::::: cpe:2.3:a:redhat:libvirt:1.0.0:rc2:::::: cpe:2.3:a:redhat:libvirt:1.0.0:rc3:::::: cpe:2.3:a:redhat:libvirt:1.0.0:-:::::: cpe:2.3:a:redhat:libvirt:0.9.9:::::::* cpe:2.3:a:redhat:libvirt:0.9.9:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.9:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.8:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.8:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.8:-:::::: cpe:2.3:a:redhat:libvirt:0.9.7:::::::* cpe:2.3:a:redhat:libvirt:0.9.7:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.6.4:::::::* cpe:2.3:a:redhat:libvirt:0.9.6.3:::::::* cpe:2.3:a:redhat:libvirt:0.9.6.2:::::::* cpe:2.3:a:redhat:libvirt:0.9.6.1:::::::* cpe:2.3:a:redhat:libvirt:0.9.6:::::::* cpe:2.3:a:redhat:libvirt:0.9.5:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.5:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.5:rc3:::::: cpe:2.3:a:redhat:libvirt:0.9.5:-:::::: cpe:2.3:a:redhat:libvirt:0.9.4:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.4:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.4:-:::::: cpe:2.3:a:redhat:libvirt:0.9.3:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.3:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.3:-:::::: cpe:2.3:a:redhat:libvirt:0.9.2:::::::* cpe:2.3:a:redhat:libvirt:0.9.13:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.13:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.13:-:::::: cpe:2.3:a:redhat:libvirt:0.9.12.3:::::::* cpe:2.3:a:redhat:libvirt:0.9.12.2:::::::* cpe:2.3:a:redhat:libvirt:0.9.12.1:::::::* cpe:2.3:a:redhat:libvirt:0.9.12:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.12:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.12:-:::::: cpe:2.3:a:redhat:libvirt:0.9.11.9:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.8:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.7:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.6:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.5:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.4:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.3:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.2:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.10:::::::* cpe:2.3:a:redhat:libvirt:0.9.11.1:::::::* cpe:2.3:a:redhat:libvirt:0.9.11:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.11:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.11:-:::::: cpe:2.3:a:redhat:libvirt:0.9.10:rc1:::::: cpe:2.3:a:redhat:libvirt:0.9.10:rc2:::::: cpe:2.3:a:redhat:libvirt:0.9.10:-:::::: cpe:2.3:a:redhat:libvirt:0.9.1:::::::* cpe:2.3:a:redhat:libvirt:0.9.0:::::::* cpe:2.3:a:redhat:libvirt:0.8.8:::::::* cpe:2.3:a:redhat:libvirt:0.8.7:::::::* cpe:2.3:a:redhat:libvirt:0.8.6:::::::* cpe:2.3:a:redhat:libvirt:0.8.5:::::::* cpe:2.3:a:redhat:libvirt:0.8.4:::::::* cpe:2.3:a:redhat:libvirt:0.8.3:::::::* cpe:2.3:a:redhat:libvirt:0.8.2:::::::* cpe:2.3:a:redhat:libvirt:0.8.1:::::::* cpe:2.3:a:redhat:libvirt:0.8.0:::::::* cpe:2.3:a:redhat:libvirt:0.7.7:::::::* cpe:2.3:a:redhat:libvirt:0.7.6:::::::* cpe:2.3:a:redhat:libvirt:0.7.5:::::::* cpe:2.3:a:redhat:libvirt:0.7.4:::::::* cpe:2.3:a:redhat:libvirt:0.7.3:::::::* cpe:2.3:a:redhat:libvirt:0.7.2:::::::* cpe:2.3:a:redhat:libvirt:0.7.1:::::::* cpe:2.3:a:redhat:libvirt:0.7.0:::::::* cpe:2.3:a:redhat:libvirt:0.6.5:::::::* cpe:2.3:a:redhat:libvirt:0.6.4:::::::* cpe:2.3:a:redhat:libvirt:0.6.3:::::::* cpe:2.3:a:redhat:libvirt:0.6.2:::::::* cpe:2.3:a:redhat:libvirt:0.6.1:::::::* cpe:2.3:a:redhat:libvirt:0.6.0:::::::* cpe:2.3:a:redhat:libvirt:0.5.1:::::::* cpe:2.3:a:redhat:libvirt:0.5.0:::::::* cpe:2.3:a:redhat:libvirt:0.4.6:::::::* cpe:2.3:a:redhat:libvirt:0.4.5:::::::* cpe:2.3:a:redhat:libvirt:0.4.4:::::::* cpe:2.3:a:redhat:libvirt:0.4.3:::::::* cpe:2.3:a:redhat:libvirt:0.4.2:::::::* cpe:2.3:a:redhat:libvirt:0.4.1:::::::* cpe:2.3:a:redhat:libvirt:0.4.0:::::::* cpe:2.3:a:redhat:libvirt:0.3.3:::::::* cpe:2.3:a:redhat:libvirt:0.3.2:::::::* cpe:2.3:a:redhat:libvirt:0.3.1:::::::* cpe:2.3:a:redhat:libvirt:0.3.0:::::::* cpe:2.3:a:redhat:libvirt:0.2.3:::::::* cpe:2.3:a:redhat:libvirt:0.2.2:::::::* cpe:2.3:a:redhat:libvirt:0.2.1:::::::* cpe:2.3:a:redhat:libvirt:0.2.0:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.8:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.7:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.6:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.5:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.4:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.3:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.2:::::::* cpe:2.3:a:redhat:libvirt:0.10.2.1:::::::* cpe:2.3:a:redhat:libvirt:0.10.2:rc1:::::: cpe:2.3:a:redhat:libvirt:0.10.2:rc2:::::: cpe:2.3:a:redhat:libvirt:0.10.2:-:::::: cpe:2.3:a:redhat:libvirt:0.10.1:::::::* cpe:2.3:a:redhat:libvirt:0.10.0:rc0:::::: cpe:2.3:a:redhat:libvirt:0.10.0:rc1:::::: cpe:2.3:a:redhat:libvirt:0.10.0:rc2:::::: cpe:2.3:a:redhat:libvirt:0.10.0:-:::::: cpe:2.3:a:redhat:libvirt:0.1.9:::::::* cpe:2.3:a:redhat:libvirt:0.1.8:::::::* cpe:2.3:a:redhat:libvirt:0.1.7:::::::* cpe:2.3:a:redhat:libvirt:0.1.6:::::::* cpe:2.3:a:redhat:libvirt:0.1.5:::::::* cpe:2.3:a:redhat:libvirt:0.1.4:::::::* cpe:2.3:a:redhat:libvirt:0.1.3:::::::* cpe:2.3:a:redhat:libvirt:0.1.11:::::::* cpe:2.3:a:redhat:libvirt:0.1.10:::::::* cpe:2.3:a:redhat:libvirt:0.1.1:::::::* cpe:2.3:a:redhat:libvirt:0.1.0:::::::* cpe:2.3:a:redhat:libvirt:0.0.6:::::::* cpe:2.3:a:redhat:libvirt:0.0.5:::::::* cpe:2.3:a:redhat:libvirt:0.0.4:::::::* cpe:2.3:a:redhat:libvirt:0.0.3:::::::* cpe:2.3:a:redhat:libvirt:0.0.2:::::::* cpe:2.3:a:redhat:libvirt:0.0.1:::::::* cpe:2.3:a:redhat:libvirt::0.9.11.4::::::* cpe:2.3:a:redhat:libvirt::0.9.11::::::* cpe:2.3:a:redhat:libvirt::0.9.11.8::::::* cpe:2.3:a:redhat:libvirt::0.9.11.3::::::* cpe:2.3:a:redhat:libvirt::0.9.11.7::::::* cpe:2.3:a:redhat:libvirt::0.9.11.2::::::* cpe:2.3:a:redhat:libvirt::0.9.11.1::::::* cpe:2.3:a:redhat:libvirt::0.9.11.5::::::* cpe:2.3:a:redhat:libvirt::0.9.11.6::::::* cpe:2.3:a:redhat:libvirt:::::::: cpe:2.3:a:redhat:libvirt:-:::::::*	142
Os	Canonical Ubuntu Linux cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::* cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::	2
Os	Fedoraproject Fedora cpe:2.3:o:fedoraproject:fedora:18:::::::* cpe:2.3:o:fedoraproject:fedora:17:::::::* cpe:2.3:o:fedoraproject:fedora:16:::::::*	3
Os	Opensuse cpe:2.3:o:opensuse:opensuse:12.2:::::::* cpe:2.3:o:opensuse:opensuse:12.1:::::::*	2
Os	Redhat Enterprise Linux Desktop cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*	1
Os	Redhat Enterprise Linux Eus cpe:2.3:o:redhat:enterprise_linux_eus:6.3:::::::*	1
Os	Redhat Enterprise Linux Server cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*	1
Os	Redhat Enterprise Linux Workstation cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*	1
Os	Suse Linux Enterprise Desktop cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2::::::	1
Os	Suse Linux Enterprise Server cpe:2.3:o:suse:linux_enterprise_server:11:sp2::::-::*	1
Os	Suse Linux Enterprise Software Development Kit cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp2::::::	1

OpenVAS Exploits

Date	Description
2012-10-19	Name : Fedora Update for libvirt FEDORA-2012-15640 File : nvt/gb_fedora_2012_15640_libvirt_fc16.nasl
2012-10-16	Name : Fedora Update for libvirt FEDORA-2012-15634 File : nvt/gb_fedora_2012_15634_libvirt_fc17.nasl
2012-10-12	Name : CentOS Update for libvirt CESA-2012:1359 centos6 File : nvt/gb_CESA-2012_1359_libvirt_centos6.nasl
2012-10-12	Name : RedHat Update for libvirt RHSA-2012:1359-01 File : nvt/gb_RHSA-2012_1359-01_libvirt.nasl

Nessus® Vulnerability Scanner

Date	Description
2014-11-08	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1375.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-108.nasl - Type : ACT_GATHER_INFO
2014-06-13	Name : The remote openSUSE host is missing a security update. File : openSUSE-2013-105.nasl - Type : ACT_GATHER_INFO
2013-09-26	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201309-18.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0199.nasl - Type : ACT_GATHER_INFO
2013-07-12	Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2012-1359.nasl - Type : ACT_GATHER_INFO
2013-06-29	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0199.nasl - Type : ACT_GATHER_INFO
2013-02-21	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libvirt-130205.nasl - Type : ACT_GATHER_INFO
2013-02-08	Name : The remote Fedora host is missing a security update. File : fedora_2013-1642.nasl - Type : ACT_GATHER_INFO
2013-02-08	Name : The remote Fedora host is missing a security update. File : fedora_2013-1626.nasl - Type : ACT_GATHER_INFO
2013-02-06	Name : The remote Fedora host is missing a security update. File : fedora_2013-1644.nasl - Type : ACT_GATHER_INFO
2013-01-30	Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-1708-1.nasl - Type : ACT_GATHER_INFO
2013-01-29	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0199.nasl - Type : ACT_GATHER_INFO
2013-01-29	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130128_libvirt_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-01-25	Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libvirt-201211-121102.nasl - Type : ACT_GATHER_INFO
2012-10-17	Name : The remote Fedora host is missing a security update. File : fedora_2012-15640.nasl - Type : ACT_GATHER_INFO
2012-10-16	Name : The remote Fedora host is missing a security update. File : fedora_2012-15634.nasl - Type : ACT_GATHER_INFO
2012-10-15	Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2012-1359.nasl - Type : ACT_GATHER_INFO
2012-10-12	Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2012-1359.nasl - Type : ACT_GATHER_INFO
2012-10-12	Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20121011_libvirt_on_SL6_x.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 12:01:25	Multiple Updates
2013-02-11 21:21:29	Multiple Updates
2013-02-09 00:24:29	Multiple Updates
2013-01-29 21:17:54	First insertion

Global Informations

Type	Count
CWE ID(s)	1
Oval ID(s)	8
CPE ID(s)	156
Openvas Exploit(s)	4
Nessus® Exploit(s)	20

	Related
6.8	CVE-2013-0170
5	CVE-2012-4423
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 2 more Alert(s)

9.3 - USN-1708-1

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

OpenVAS Exploits

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU