CVE-2011-4600
published 2016-04-14CVE-2011-4600: The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when…
medium5.9CVSS 3.0
AVNACHPRNUINSUCNIHAN
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | libvirt | < libvirt 0.9.9-1 (bookworm) | libvirt 0.9.9-1 (bookworm) |
| redhat | libvirt | — | — |
| redhat | libvirt | >= 0 < 0.9.9-1 | 0.9.9-1 |
| redhat | libvirt | >= 0 < 0.9.9-1 | 0.9.9-1 |
| redhat | libvirt | >= 0 < 0.9.9-1 | 0.9.9-1 |
| redhat | libvirt | >= 0 < 0.9.9-1 | 0.9.9-1 |
| redhat | libvirt | >= 0 < 1.2.2-0ubuntu13.1.16 | 1.2.2-0ubuntu13.1.16 |
CVSS provenance
nvdv3.05.9MEDIUMCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
osv5.9MEDIUM