Gentoo Security Advisory GLSA 201204-01 (virtualbox) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201204-01.

Solution

All VirtualBox users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-4.1.8' All VirtualBox binary users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-bin-4.1.8' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201204-01 http://bugs.gentoo.org/show_bug.cgi?id=386317 http://bugs.gentoo.org/show_bug.cgi?id=399807

Insight

Multiple vulnerabilities were found in VirtualBox, allowing local attackers to gain escalated privileges.

Severity

Classification

CVE CVE-2010-4414, CVE-2011-2300, CVE-2011-2305, CVE-2012-0105, CVE-2012-0111

CVSS	Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Gentoo Security Advisory GLSA 200502-12 (Webmin)
Gentoo Security Advisory GLSA 200409-29 (FreeRADIUS)
Gentoo Security Advisory GLSA 200501-45 (gallery)
Gentoo Security Advisory GLSA 200401-01 (Kernel)
Gentoo Security Advisory GLSA 200502-15 (PowerDNS)

Take action and discover your vulnerabilities