Lucene search
RedhatCVELIST:CVE-2013-4401HistoryNov 02, 2013 - 6:00 p.m.
CVE-2013-4401
2013-11-0218:00:00
redhat
www.cve.org
5
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information.
References
libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c
secunia.com/advisories/55210
secunia.com/advisories/60895
security.gentoo.org/glsa/glsa-201412-04.xml
wiki.libvirt.org/page/Maintenance_Releases
www.securitytracker.com/id/1029241
www.ubuntu.com/usn/USN-2026-1
bugzilla.redhat.com/show_bug.cgi?id=1015259
Related
prion
prion
Information disclosure
2013-11-02 18:55:00
securityvulns
securityvulns
[USN-2026-1] libvirt vulnerability
2013-11-18 00:00:00
Libvirt code privilege escalation
2013-11-18 00:00:00
veracode
veracode
Code Execution Via Privilege Escalation
2018-08-15 03:27:55
ubuntucve
ubuntucve
CVE-2013-4401
2013-11-02 00:00:00
debiancve
debiancve
CVE-2013-4401
2013-11-02 18:55:03
openvas
openvas
Ubuntu: Security Advisory (USN-2026-1)
2013-11-18 00:00:00
Ubuntu Update for libvirt USN-2026-1
2013-11-18 00:00:00
Gentoo Security Advisory GLSA 201412-04
2015-09-29 00:00:00
nvd
nvd
CVE-2013-4401
2013-11-02 18:55:03
ubuntu
ubuntu
libvirt vulnerability
2013-11-11 00:00:00
nessus
nessus
Ubuntu 13.10 : libvirt vulnerability (USN-2026-1)
2013-11-12 00:00:00
GLSA-201412-04 : libvirt: Multiple vulnerabilities
2014-12-09 00:00:00
cve
cve
CVE-2013-4401
2013-11-02 18:55:03
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.1.4-alt1
2013-11-06 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
osv
osv