Candidate: CVE-2009-0036
PublicDate: 2009-02-11 20:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0036
Description:
 Buffer overflow in the proxyReadClientSocket function in
 proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to
 gain privileges by sending a portion of the header of a virProxyPacket
 packet, and then sending the remainder of the packet with crafted values in
 the header, related to use of uninitialized memory in a validation check.
Ubuntu-Description:
Notes:
 jdstrand> code exists but is not compiled on Ubuntu
Bugs:
Priority: negligible
Discovered-by:
Assigned-to:
CVSS: 

Patches_libvirt:
upstream_libvirt: released (0.6.0)
dapper_libvirt: DNE
gutsy_libvirt: needed (reached end-of-life)
hardy_libvirt: not-affected (code not compiled)
intrepid_libvirt: needed (reached end-of-life)
jaunty_libvirt: not-affected (0.6.1-0ubuntu5.1)
karmic_libvirt: not-affected
lucid_libvirt: not-affected
devel_libvirt: not-affected