RSS   Vulnerabilities for 'Vzctl'   RSS

2015-09-28
 
CVE-2015-6927

 

 
vzctl before 4.9.4 determines the virtual environment (VE) layout based on the presence of root.hdd/DiskDescriptor.xml in the VE private directory, which allows local simfs container (CT) root users to change the root password for arbitrary ploop containers, as demonstrated by a symlink attack on the ploop container root.hdd file and then access a control panel.

 

 >>> Vendor: Openvz 2 Products
Vzkernel
Vzctl


Copyright 2021, cxsecurity.com

 

Back to Top