Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2013-2211HistoryAug 28, 2013 - 9:55 p.m.
CVE-2013-2211
2013-08-2821:55:08
Debian Security Bug Tracker
security-tracker.debian.org
12
7.4 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.7%
The libxenlight (libxl) toolstack library in Xen 4.0.x, 4.1.x, and 4.2.x uses weak permissions for xenstore keys for paravirtualised and emulated serial console devices, which allows local guest administrators to modify the xenstore value via unspecified vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
| Debian | 11 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
| Debian | 999 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
| Debian | 13 | all | xen | < 4.3.0-1 | xen_4.3.0-1_all.deb |
Related
xen
xen
libxl allows guest write access to sensitive console related xenstore keys
2013-06-20 12:00:00
cvelist
cvelist
CVE-2013-2211
2013-08-28 17:00:00
nessus
nessus
Fedora 18 : xen-4.2.2-9.fc18 (2013-11768)
2013-07-12 00:00:00
Fedora 17 : xen-4.1.5-8.fc17 (2013-11785)
2013-07-12 00:00:00
Fedora 19 : xen-4.2.2-10.fc19 (2013-11837)
2013-07-12 00:00:00
cve
cve
CVE-2013-2211
2013-08-28 21:55:08
nvd
nvd
CVE-2013-2211
2013-08-28 21:55:08
prion
prion
Design/Logic Flaw
2013-08-28 21:55:00
ubuntucve
ubuntucve
CVE-2013-2211
2013-08-28 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: xen-4.2.2-10.fc19
2013-07-03 03:31:03
[SECURITY] Fedora 19 Update: xen-4.2.3-1.fc19
2013-09-19 02:08:09
[SECURITY] Fedora 19 Update: xen-4.2.3-2.fc19
2013-10-06 01:33:34
openvas
openvas
Fedora Update for xen FEDORA-2013-11837
2013-08-20 00:00:00
Fedora Update for xen FEDORA-2013-11837
2013-08-20 00:00:00
Fedora Update for xen FEDORA-2013-16357
2013-09-24 00:00:00
suse
suse
Security update for Xen (important)
2013-08-09 16:04:13
Security update for Xen (important)
2014-03-25 23:04:15
mageia
mageia
Updated xen package fixes security issues
2013-07-01 23:17:22
osv
osv
xen - security update
2014-08-18 00:00:00
debian
debian
[SECURITY] [DSA 3006-1] xen security update
2014-08-18 12:41:33
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
7.4 High
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:A/AC:M/Au:S/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
26.7%
Related for DEBIANCVE:CVE-2013-2211