Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
436
VMScore

CVE-2014-3519

Published: 01/02/2018 Updated: 27/02/2018
CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 6.5 | Impact Score: 4 | Exploitability Score: 2
VMScore: 436
Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N
Subscribe to Openvz

Vulnerability Summary

The open_by_handle_at function in vzkernel prior to 042stab090.5 in the OpenVZ modification for the Linux kernel 2.6.32, when using simfs, might allow local container users with CAP_DAC_READ_SEARCH capability to bypass an intended container protection mechanism and access arbitrary files on a filesystem via vectors related to use of the file_handle structure.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openvz vzkernel 2.6.32

Github Repositories

https://github.com/mrmainnet/proxomox

Proxmox

proxomox About bug CVE-2014-3519 wwwopenwallcom/lists/oss-security/2014/06/24/16 wwwwebhostingtalkcom/showthreadphp?t=1387714 Updated kernel packages that fix three security issues But I'm using proxmox 23 (debian 6) and I don't want move to proxmox 3x How to update kernel package? apt-get install git -y git clone git://gitproxmoxcom/git/pv

References

CWE-284https://openvz.org/Download/kernel/rhel6/042stab090.5https://help.virtuozzo.com/customer/en/portal/articles/2563843-cu-2-6-32-042stab090-5-parallels-server-bare-metal-5-0-core-updatehttps://help.virtuozzo.com/customer/en/portal/articles/2563842-cu-2-6-32-042stab090-5-parallels-virtuozzo-containers-4-7-core-updatehttps://help.virtuozzo.com/customer/en/portal/articles/2522783-parallels-cloud-server-6-0-update-6-hotfix-8-6-0-6-2004-http://www.securityfocus.com/bid/68171http://www.openwall.com/lists/oss-security/2014/06/24/16https://nvd.nist.govhttps://github.com/mrmainnet/proxomox
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook