#VU42268 Permissions, Privileges, and Access Controls in libvirt - CVE-2013-4400

Cybersecurity Help s.r.o.

Published: 2013-12-09 | Updated: 2020-08-10

Vulnerability identifier: #VU42268

Vulnerability risk: High

CVSSv4.0: 6.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2013-4400

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libvirt
Universal components / Libraries / Libraries used by multiple products

Vendor: libvirt.org

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libvirt: 1.1.2 - 1.1.3

External links
https://libvirt.org/git/?p=libvirt.git;a=commit;h=3e2f27e13b94f7302ad948bcacb5e02c859a25fc
https://libvirt.org/git/?p=libvirt.git;a=commit;h=8c3586ea755c40d5e01b22cb7b5c1e668cdec994
https://libvirt.org/git/?p=libvirt.git;a=commit;h=b7fcc799ad5d8f3e55b89b94e599903e3c092467
https://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.html
https://secunia.com/advisories/60895
https://security.gentoo.org/glsa/glsa-201412-04.xml
https://wiki.libvirt.org/page/Maintenance_Releases
https://bugzilla.redhat.com/show_bug.cgi?id=1015228

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in libvirt