2.1
CVE-2010-2242
- EPSS 0.42%
- Veröffentlicht 19.08.2010 18:00:03
- Zuletzt bearbeitet 16.06.2026 23:20:22
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.42% | 0.337 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:P/I:N/A:N
|
http://lists.opensuse.org/opensuse-security-announce/2010-09/msg00006.html
http://libvirt.org/news.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044520.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-July/044579.html
http://ubuntu.com/usn/usn-1008-1
http://ubuntu.com/usn/usn-1008-2
http://ubuntu.com/usn/usn-1008-3
http://www.vupen.com/english/advisories/2010/2763
http://www.redhat.com/support/errata/RHSA-2010-0615.html
http://www.vupen.com/english/advisories/2010/2062
https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/591943
https://bugzilla.redhat.com/show_bug.cgi?id=602455