Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20120731_XEN_ON_SL5_X.NASL
HistoryAug 03, 2012 - 12:00 a.m.

Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20120731)

2012-08-0300:00:00
This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
12
JSON

The xen packages contain administration tools and the xend service for managing the kernel-xen kernel for virtualization on Scientific Linux.

A flaw was found in the way the pyGrub boot loader handled compressed kernel images. A privileged guest user in a para-virtualized guest (a DomU) could use this flaw to create a crafted kernel image that, when attempting to boot it, could result in an out-of-memory condition in the privileged domain (the Dom0). (CVE-2012-2625)

All users of xen are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the xend service must be restarted for this update to take effect.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(61408);
  script_version("1.7");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2012-2625");

  script_name(english:"Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20120731)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Scientific Linux host is missing one or more security
updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"The xen packages contain administration tools and the xend service for
managing the kernel-xen kernel for virtualization on Scientific Linux.

A flaw was found in the way the pyGrub boot loader handled compressed
kernel images. A privileged guest user in a para-virtualized guest (a
DomU) could use this flaw to create a crafted kernel image that, when
attempting to boot it, could result in an out-of-memory condition in
the privileged domain (the Dom0). (CVE-2012-2625)

All users of xen are advised to upgrade to these updated packages,
which contain a backported patch to correct this issue. After
installing the updated packages, the xend service must be restarted
for this update to take effect."
  );
  # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1208&L=scientific-linux-errata&T=0&P=335
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?7f83e6ce"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:A/AC:L/Au:S/C:N/I:N/A:P");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen-libs");
  script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");

  script_set_attribute(attribute:"vuln_publication_date", value:"2012/10/31");
  script_set_attribute(attribute:"patch_publication_date", value:"2012/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/03");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Scientific Linux Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);


flag = 0;
if (rpm_check(release:"SL5", reference:"xen-3.0.3-135.el5_8.4")) flag++;
if (rpm_check(release:"SL5", reference:"xen-debuginfo-3.0.3-135.el5_8.4")) flag++;
if (rpm_check(release:"SL5", reference:"xen-devel-3.0.3-135.el5_8.4")) flag++;
if (rpm_check(release:"SL5", reference:"xen-libs-3.0.3-135.el5_8.4")) flag++;


if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_NOTE,
    extra      : rpm_report_get()
  );
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen / xen-debuginfo / xen-devel / xen-libs");
}
VendorProductVersionCPE
fermilabscientific_linuxxenp-cpe:/a:fermilab:scientific_linux:xen
fermilabscientific_linuxxen-debuginfop-cpe:/a:fermilab:scientific_linux:xen-debuginfo
fermilabscientific_linuxxen-develp-cpe:/a:fermilab:scientific_linux:xen-devel
fermilabscientific_linuxxen-libsp-cpe:/a:fermilab:scientific_linux:xen-libs
fermilabscientific_linuxx-cpe:/o:fermilab:scientific_linux

Related

nessus 17
openvas 73
debiancve 1
cve 1
prion 1
ubuntucve 1
centos 1
veracode 1
oraclelinux 1
redhat 2
fedora 28
suse 7
nessus
nessus
CentOS 5 : xen (CESA-2012:1130)
2013-06-29 00:00:00
Fedora 17 : xen-4.1.2-17.fc17 (2012-8083)
2012-05-29 00:00:00
RHEL 5 : xen (RHSA-2012:1130)
2012-08-01 00:00:00
openvas
openvas
RedHat Update for xen RHSA-2012:1130-01
2012-08-03 00:00:00
Fedora Update for xen FEDORA-2012-8083
2012-08-30 00:00:00
Fedora Update for xen FEDORA-2012-8083
2012-08-30 00:00:00
debiancve
debiancve
CVE-2012-2625
2012-10-31 16:55:00
cve
cve
CVE-2012-2625
2012-10-31 16:55:00
prion
prion
Code injection
2012-10-31 16:55:00
ubuntucve
ubuntucve
CVE-2012-2625
2012-10-31 00:00:00
centos
centos
xen security update
2012-07-31 22:57:53
veracode
veracode
Denial Of Service (Dos)
2019-01-15 08:55:07
oraclelinux
oraclelinux
xen security update
2012-07-31 00:00:00
redhat
redhat
(RHSA-2012:1130) Moderate: xen security update
2012-07-31 00:00:00
(RHSA-2012:1185) Moderate: rhev-hypervisor5 security and bug fix update
2012-08-21 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: xen-4.1.2-17.fc17
2012-05-26 22:23:22
[SECURITY] Fedora 17 Update: xen-4.1.2-20.fc17
2012-06-26 00:52:23
[SECURITY] Fedora 17 Update: xen-4.1.2-24.fc17
2012-08-05 21:26:27
suse
suse
Security update for Xen (important)
2012-08-27 17:08:38
Security update for Xen (important)
2012-09-07 20:08:40
Security update for Xen and libvirt (important)
2012-08-27 17:08:36
JSON
Related for SL_20120731_XEN_ON_SL5_X.NASL
nessus17openvas73debiancve1cve1prion1ubuntucve1centos1veracode1oraclelinux1redhat2fedora28suse7