Gentoo Security Advisory GLSA 201204-01 (virtualbox) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201204-01.

Solution

All VirtualBox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-4.1.8' All VirtualBox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-bin-4.1.8' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201204-01 http://bugs.gentoo.org/show_bug.cgi?id=386317 http://bugs.gentoo.org/show_bug.cgi?id=399807

Insight

Multiple vulnerabilities were found in VirtualBox, allowing local attackers to gain escalated privileges.

Severity

Classification

CVE CVE-2010-4414, CVE-2011-2300, CVE-2011-2305, CVE-2012-0105, CVE-2012-0111
CVSS Base Score: 6.8
AV:L/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200409-07 (xv)
Gentoo Security Advisory GLSA 200404-01 (Portage)
Gentoo Security Advisory GLSA 200411-10 (gallery)
Gentoo Security Advisory GLSA 200410-12 (wordpress)
Gentoo Security Advisory GLSA 200502-13 (Perl)

Take action and discover your vulnerabilities