How to Buy
This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.
The remote Red Hat host is missing one or more security updates.
Updated libvirt packages that fix one security issue, multiple bugs,
and add various enhancements are now available for Red Hat Enterprise
The Red Hat Security Response Team has rated this update as having
moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.
The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
It was discovered that libvirt made certain invalid assumptions about
dnsmasq's command line options when setting up DNS masquerading for
virtual machines, resulting in dnsmasq incorrectly processing network
packets from network interfaces that were intended to be prohibited.
This update includes the changes necessary to call dnsmasq with a new
command line option, which was introduced to dnsmasq via
In order for libvirt to be able to make use of the new command line
option (--bind-dynamic), updated dnsmasq packages need to be
installed. Refer to RHSA-2013:0277 for additional information.
These updated libvirt packages include numerous bug fixes and
enhancements. Space precludes documenting all of these changes in this
advisory. Users are directed to the Red Hat Enterprise Linux 6.4
Technical Notes, linked to in the References, for information on the
most significant of these changes.
All users of libvirt are advised to upgrade to these updated packages,
which fix these issues and add these enhancements. After installing
the updated packages, libvirtd must be restarted ('service libvirtd
restart') for this update to take effect.
See also :
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true
Family: Red Hat Local Security Checks
Nessus Plugin ID: 64749 ()
Bugtraq ID: 54353
CVE ID: CVE-2012-3411
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.