 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.870662 |
| Category: | Red Hat Local Security Checks |
| Title: | RedHat Update for virt-v2v RHSA-2011:1615-03 |
| Summary: | The remote host is missing an update for the 'virt-v2v'; package(s) announced via the referenced advisory. |
| Description: | Summary: The remote host is missing an update for the 'virt-v2v' package(s) announced via the referenced advisory. Vulnerability Insight: virt-v2v is a tool for converting and importing virtual machines to libvirt-managed KVM (Kernel-based Virtual Machine), or Red Hat Enterprise Virtualization. Using virt-v2v to convert a guest that has a password-protected VNC console to a KVM guest removed that password protection from the converted guest: after conversion, a password was not required to access the converted guest's VNC console. Now, converted guests will require the same VNC console password as the original guest. Note that when converting a guest to run on Red Hat Enterprise Virtualization, virt-v2v will display a warning that VNC passwords are not supported. (CVE-2011-1773) Note: The Red Hat Enterprise Linux 6.2 perl-Sys-Virt update must also be installed to correct CVE-2011-1773. Bug fixes: * When converting a guest virtual machine (VM), whose name contained certain characters, virt-v2v would create a converted guest with a corrupted name. Now, virt-v2v will not corrupt guest names. (BZ#665883) * There were numerous usability issues when running virt-v2v as a non-root user. This update makes it simpler to run virt-v2v as a non-root user. (BZ#671094) * virt-v2v failed to convert a Microsoft Windows guest with Windows Recovery Console installed in a separate partition. Now, virt-v2v will successfully convert a guest with Windows Recovery Console installed in a separate partition by ignoring that partition. (BZ#673066) * virt-v2v failed to convert a Red Hat Enterprise Linux guest which did not have the symlink '/boot/grub/menu.lst'. With this update, virt-v2v can select a grub configuration file from several places. (BZ#694364) * This update removes information about the usage of deprecated command line options in the virt-v2v man page. (BZ#694370) * virt-v2v would fail to correctly change the allocation policy, (sparse or preallocated) when converting a guest with QCOW2 image format. The error message 'Cannot import VM, The selected disk configuration is not supported' was displayed. With this update, allocation policy changes to a guest with QCOW2 storage will work correctly. (BZ#696089) * The options '--network' and '--bridge' can not be used in conjunction when converting a guest, but no error message was displayed. With this update, virt-v2v will now display an error message if the mutually exclusive '--network' and '--bridge' command line opti ... Description truncated, please see the referenced URL(s) for more information. Affected Software/OS: virt-v2v on Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux Server (v. 6), Red Hat Enterprise Linux Workstation (v. 6) Solution: Please Install the Updated Packages. CVSS Score: 4.4 CVSS Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2011-1773 47086 http://secunia.com/advisories/47086 77558 http://www.osvdb.org/77558 RHSA-2011:1615 http://rhn.redhat.com/errata/RHSA-2011-1615.html https://bugzilla.redhat.com/show_bug.cgi?id=702754 https://git.fedorahosted.org/cgit/virt-v2v.git/commit/?id=7e9393129116699d1228bb02b9f65b78584582c1 |
| Copyright | Copyright (C) 2012 Greenbone AG |
| This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |