Lucene search

K

RedhatCVELIST:CVE-2010-2242

HistoryAug 19, 2010 - 5:43 p.m.

CVE-2010-2242

2010-08-1917:43:00

redhat

www.cve.org

9

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

26.4%

Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.

References

libvirt.org/news.html

lists.fedoraproject.org/pipermail/package-announce/2010-July/044520.html

lists.fedoraproject.org/pipermail/package-announce/2010-July/044579.html

lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html

ubuntu.com/usn/usn-1008-1

ubuntu.com/usn/usn-1008-2

ubuntu.com/usn/usn-1008-3

www.redhat.com/support/errata/RHSA-2010-0615.html

www.vupen.com/english/advisories/2010/2062

www.vupen.com/english/advisories/2010/2763

bugs.launchpad.net/ubuntu/+source/libvirt/+bug/591943

bugzilla.redhat.com/show_bug.cgi?id=602455

AI Score

6.1

Confidence

Low

EPSS

0.001

Percentile

26.4%

Related for CVELIST:CVE-2010-2242

debiancve1 ubuntucve1 nessus16 prion1 cve1 veracode1 nvd1 oraclelinux1 openvas15 redhat1 centos1 fedora2 ubuntu4 securityvulns2