Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2021 Tenable Network Security, Inc.SUSE_11_XEN-201208-120803.NASL
HistoryJan 25, 2013 - 12:00 a.m.

SuSE 11.1 Security Update : Xen (SAT Patch Number 6653)

2013-01-2500:00:00
This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.
www.tenable.com
16
JSON

Xen was updated to fix several security issues :

  • A xen HVM guest destroy p2m teardown host DoS vulnerability was fixed, where malicious guest could lock/crash the host. (CVE-2012-3433)

  • A xen HVM guest user mode MMIO emulation DoS was fixed.
    (CVE-2012-3432)

  • The xen pv bootloader doesn’t check the size of the bzip2 or lzma compressed kernel, leading to denial of service (crash). (CVE-2012-2625)

Also the following bug in XEN was fixed :

  • Xen HVM DomU crash during Windows Server 2008 R2 install, when maxmem > memory This update also included bugfixes for:. (bnc#746702)

  • vm-install: - bnc#762963 - ReaR: Unable to recover a paravirtualized XEN guest

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from SuSE 11 update information. The text itself is
# copyright (C) Novell, Inc.
#

if (NASL_LEVEL < 3000) exit(0);

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(64234);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2012-2625", "CVE-2012-3432", "CVE-2012-3433");

  script_name(english:"SuSE 11.1 Security Update : Xen  (SAT Patch Number 6653)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 11 host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Xen was updated to fix several security issues :

  - A xen HVM guest destroy p2m teardown host DoS
    vulnerability was fixed, where malicious guest could
    lock/crash the host. (CVE-2012-3433)

  - A xen HVM guest user mode MMIO emulation DoS was fixed.
    (CVE-2012-3432)

  - The xen pv bootloader doesn't check the size of the
    bzip2 or lzma compressed kernel, leading to denial of
    service (crash). (CVE-2012-2625)

Also the following bug in XEN was fixed :

  - Xen HVM DomU crash during Windows Server 2008 R2
    install, when maxmem > memory This update also included
    bugfixes for:. (bnc#746702)

  - vm-install: - bnc#762963 - ReaR: Unable to recover a
    paravirtualized XEN guest"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=744771"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=746702"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=762484"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=762963"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=773393"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://bugzilla.novell.com/show_bug.cgi?id=773401"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-2625.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-3432.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2012-3433.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply SAT patch number 6653.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:vm-install");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-doc-html");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-doc-pdf");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-default");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-pae");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-kmp-trace");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-libs");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-tools");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:11:xen-tools-domU");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:11");

  script_set_attribute(attribute:"patch_publication_date", value:"2012/08/03");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/25");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)11") audit(AUDIT_OS_NOT, "SuSE 11");
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SuSE 11", cpu);

pl = get_kb_item("Host/SuSE/patchlevel");
if (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, "SuSE 11.1");


flag = 0;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"vm-install-0.4.34-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"xen-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"xen-kmp-default-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"xen-kmp-pae-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"xen-libs-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"xen-tools-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"i586", reference:"xen-tools-domU-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"vm-install-0.4.34-0.3.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"xen-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"xen-kmp-default-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"xen-libs-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"xen-tools-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLED11", sp:1, cpu:"x86_64", reference:"xen-tools-domU-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"vm-install-0.4.34-0.3.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-doc-html-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-doc-pdf-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-kmp-default-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-kmp-pae-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-kmp-trace-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-libs-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-tools-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"i586", reference:"xen-tools-domU-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"vm-install-0.4.34-0.3.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-doc-html-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-doc-pdf-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-kmp-default-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-kmp-trace-4.0.3_21548_08_2.6.32.59_0.7-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-libs-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-tools-4.0.3_21548_08-0.7.1")) flag++;
if (rpm_check(release:"SLES11", sp:1, cpu:"x86_64", reference:"xen-tools-domU-4.0.3_21548_08-0.7.1")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:vm-install
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-doc-html
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-doc-pdf
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-kmp-default
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-kmp-pae
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-kmp-trace
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-libs
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-tools
novellsuse_linux11p-cpe:/a:novell:suse_linux:11:xen-tools-domu
Rows per page:
1-10 of 111

Related

nessus 26
suse 7
openvas 72
osv 1
securityvulns 2
debian 1
fedora 28
cve 3
ubuntucve 3
debiancve 3
prion 3
veracode 1
oraclelinux 1
redhat 2
centos 1
gentoo 1
nessus
nessus
SuSE 11.2 Security Update : Xen and libvirt (SAT Patch Number 6640)
2013-01-25 00:00:00
Debian DSA-2531-1 : xen - Denial of Service
2012-08-20 00:00:00
openSUSE Security Update : Xen (openSUSE-SU-2012:1174-1)
2014-06-13 00:00:00
suse
suse
Security update for Xen and libvirt (important)
2012-08-27 17:08:36
Security update for Xen (important)
2012-08-27 17:08:38
Security Update for Xen (important)
2012-09-14 14:12:18
openvas
openvas
Debian Security Advisory DSA 2531-1 (xen)
2012-08-30 00:00:00
Debian Security Advisory DSA 2531-1 (xen)
2012-08-30 00:00:00
SuSE Update for Security openSUSE-SU-2012:1174-1 (Security)
2012-12-13 00:00:00
osv
osv
xen - several
2012-08-18 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2531-1] xen security update
2012-08-27 00:00:00
Xend DoS conditions
2012-08-27 00:00:00
debian
debian
[SECURITY] [DSA 2531-1] xen security update
2012-08-18 15:46:42
fedora
fedora
[SECURITY] Fedora 17 Update: xen-4.1.3-2.fc17
2012-08-21 09:48:25
[SECURITY] Fedora 16 Update: xen-4.1.3-1.fc16
2012-08-21 09:53:53
[SECURITY] Fedora 17 Update: xen-4.1.2-24.fc17
2012-08-05 21:26:27
cve
cve
CVE-2012-3433
2012-11-24 20:55:00
CVE-2012-3432
2012-12-03 21:55:00
CVE-2012-2625
2012-10-31 16:55:00
ubuntucve
ubuntucve
CVE-2012-3433
2012-08-09 00:00:00
CVE-2012-3432
2012-12-03 00:00:00
CVE-2012-2625
2012-10-31 00:00:00
debiancve
debiancve
CVE-2012-3432
2012-12-03 21:55:00
CVE-2012-3433
2012-11-24 20:55:00
CVE-2012-2625
2012-10-31 16:55:00
prion
prion
Design/Logic Flaw
2012-11-24 20:55:00
Design/Logic Flaw
2012-12-03 21:55:00
Code injection
2012-10-31 16:55:00
veracode
veracode
Denial Of Service (Dos)
2019-01-15 08:55:07
oraclelinux
oraclelinux
xen security update
2012-07-31 00:00:00
redhat
redhat
(RHSA-2012:1130) Moderate: xen security update
2012-07-31 00:00:00
(RHSA-2012:1185) Moderate: rhev-hypervisor5 security and bug fix update
2012-08-21 00:00:00
centos
centos
xen security update
2012-07-31 22:57:53
gentoo
gentoo
Xen: Multiple vulnerabilities
2013-09-27 00:00:00
JSON
Related for SUSE_11_XEN-201208-120803.NASL
nessus26suse7openvas72osv1securityvulns2debian1fedora28cve3ubuntucve3debiancve3prion3veracode1oraclelinux1redhat2centos1gentoo1