The QEMU guest agent in QEMU 1.4.1 and earlier, as used by Xen, uses weak permissions for certain files when started in daemon mode, which allows local users to read and write to these files.
git.qemu.org/?p=qemu.git%3Ba=commit%3Bh=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67
lists.opensuse.org/opensuse-updates/2013-07/msg00057.html
osvdb.org/93032
rhn.redhat.com/errata/RHSA-2013-0791.html
rhn.redhat.com/errata/RHSA-2013-0896.html
secunia.com/advisories/53325
www.openwall.com/lists/oss-security/2013/05/06/5
www.securityfocus.com/bid/59675
www.securitytracker.com/id/1028521
bugzilla.redhat.com/show_bug.cgi?id=956082
exchange.xforce.ibmcloud.com/vulnerabilities/84047