CVE Reference: CVE-2013-4400

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2013-4400

Description:
virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.

CVE Status:
Candidate

References:

SAID
  Secunia Advisory: SA60895

GENTOO
  http://security.gentoo.org/glsa/glsa-201412-04.xml

FEDORA
  http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.html

CONFIRM
  http://wiki.libvirt.org/page/Maintenance_Releases
  http://libvirt.org/git/?p=libvirt.git;a=commit;h=b7fcc799ad5d8f3e55b89b94e599903e3c092467
  http://libvirt.org/git/?p=libvirt.git;a=commit;h=8c3586ea755c40d5e01b22cb7b5c1e668cdec994
  http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e2f27e13b94f7302ad948bcacb5e02c859a25fc


Return to the previous page.