Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2013-4400

Published: 09/12/2013 Updated: 13/02/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 641
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Libvirt

Vulnerability Summary

virt-login-shell in libvirt 1.1.2 up to and including 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat libvirt 1.1.2

redhat libvirt 1.1.3

Vendor Advisories

Debian CVElist Bug Report Logs: libvirt: CVE-2013-4400 / CVE-2013-4401
Debian Bug report logs - #727101 libvirt: CVE-2013-4400 / CVE-2013-4401 Package: libvirt; Maintainer for libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Tue, 22 Oct 2013 10:15:01 UTC Severity: important Tags: patch, securi ...
Red Hat: CVE-2013-4400
virt-login-shell in libvirt 112 through 113 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments ...

References

CWE-264http://lists.fedoraproject.org/pipermail/package-announce/2013-November/121370.htmlhttp://wiki.libvirt.org/page/Maintenance_Releaseshttps://bugzilla.redhat.com/show_bug.cgi?id=1015228http://secunia.com/advisories/60895http://security.gentoo.org/glsa/glsa-201412-04.xmlhttp://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7fcc799ad5d8f3e55b89b94e599903e3c092467http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=8c3586ea755c40d5e01b22cb7b5c1e668cdec994http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=3e2f27e13b94f7302ad948bcacb5e02c859a25fchttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727101https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2013-4400
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook