Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2007-2021 Tenable Network Security, Inc.SUSE_XEN-4766.NASL
HistoryDec 24, 2007 - 12:00 a.m.

SuSE 10 Security Update : xen (ZYPP Patch Number 4766)

2007-12-2400:00:00
This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.
www.tenable.com
14

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.001

Percentile

30.6%

JSON

This update fixes various Xen issues.

Two security problems were fixed: CVE-2007-5906: Xen allowed virtual guest system users to cause a denial of service (hypervisor crash) by using a debug register (DR7) to set certain breakpoints.

  • Xen 3.1.1 does not prevent modification of the CR4 TSC from applications, which allows pv guests to cause a denial of service (crash). (CVE-2007-5907)

Also the following bugs were fixed: 279062: Timer ISR/1: Time went backwards 340379: Xen-3.04_13138-0.52 not working with FV File-Backed VMs

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The text description of this plugin is (C) Novell, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(29791);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");

  script_cve_id("CVE-2007-5906", "CVE-2007-5907");

  script_name(english:"SuSE 10 Security Update : xen (ZYPP Patch Number 4766)");
  script_summary(english:"Checks rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote SuSE 10 host is missing a security-related patch."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"This update fixes various Xen issues.

Two security problems were fixed: CVE-2007-5906: Xen allowed virtual
guest system users to cause a denial of service (hypervisor crash) by
using a debug register (DR7) to set certain breakpoints.

  - Xen 3.1.1 does not prevent modification of the CR4 TSC
    from applications, which allows pv guests to cause a
    denial of service (crash). (CVE-2007-5907)

Also the following bugs were fixed: 279062: Timer ISR/1: Time went
backwards 340379: Xen-3.04_13138-0.52 not working with FV File-Backed
VMs"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-5906.html"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"http://support.novell.com/security/cve/CVE-2007-5907.html"
  );
  script_set_attribute(attribute:"solution", value:"Apply ZYPP patch number 4766.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:C");
  script_cwe_id(264);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:suse:suse_linux");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/11/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/12/24");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2021 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("global_settings.inc");
include("rpm.inc");


if (!get_kb_item("Host/local_checks_enabled")) exit(0, "Local checks are not enabled.");
if (!get_kb_item("Host/SuSE/release")) exit(0, "The host is not running SuSE.");
if (!get_kb_item("Host/SuSE/rpm-list")) exit(1, "Could not obtain the list of installed packages.");

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) exit(1, "Failed to determine the architecture type.");
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") exit(1, "Local checks for SuSE 10 on the '"+cpu+"' architecture have not been implemented.");


flag = 0;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-devel-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-doc-html-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-doc-pdf-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-doc-ps-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-libs-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-tools-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-tools-domU-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, reference:"xen-tools-ioemu-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLED10", sp:1, cpu:"x86_64", reference:"xen-libs-32bit-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-devel-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-doc-html-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-doc-pdf-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-doc-ps-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-libs-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-tools-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-tools-domU-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, reference:"xen-tools-ioemu-3.0.4_13138-0.60")) flag++;
if (rpm_check(release:"SLES10", sp:1, cpu:"x86_64", reference:"xen-libs-32bit-3.0.4_13138-0.60")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else exit(0, "The host is not affected.");
VendorProductVersionCPE
susesuse_linuxcpe:/o:suse:suse_linux

Related

nessus 7
nvd 2
prion 2
ubuntucve 2
veracode 2
cvelist 2
cve 2
oraclelinux 3
openvas 4
centos 1
redhat 1
nessus
nessus
openSUSE 10 Security Update : xen (xen-4901)
2008-01-14 00:00:00
openSUSE 10 Security Update : xen (xen-4854)
2007-12-24 00:00:00
openSUSE 10 Security Update : xen (xen-4764)
2008-01-08 00:00:00
nvd
nvd
CVE-2007-5906
2007-11-09 19:46:00
CVE-2007-5907
2007-11-09 19:46:00
prion
prion
Design/Logic Flaw
2007-11-09 19:46:00
Code injection
2007-11-09 19:46:00
ubuntucve
ubuntucve
CVE-2007-5906
2007-11-09 00:00:00
CVE-2007-5907
2007-11-09 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:23:22
Denial Of Service (DoS)
2020-04-10 00:27:59
cvelist
cvelist
CVE-2007-5906
2007-11-09 19:00:00
CVE-2007-5907
2007-11-09 19:00:00
cve
cve
CVE-2007-5906
2007-11-09 19:46:00
CVE-2007-5907
2007-11-09 19:46:00
oraclelinux
oraclelinux
kernel security and bug fix update
2008-12-17 00:00:00
kernel security and bug fix update
2008-11-05 00:00:00
Oracle Enterprise Linux 5.3 kernel security and bug fix update
2009-01-27 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2008-1017)
2015-10-08 00:00:00
Oracle: Security Advisory (ELSA-2008-0957)
2015-10-08 00:00:00
RedHat Update for kernel RHSA-2008:0957-02
2009-03-06 00:00:00
centos
centos
kernel security update
2008-11-05 16:01:40
redhat
redhat
(RHSA-2008:0957) Important: kernel security and bug fix update
2008-11-04 00:00:00

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

EPSS

0.001

Percentile

30.6%

JSON
Related for SUSE_XEN-4766.NASL
nessus7nvd2prion2ubuntucve2veracode2cvelist2cve2oraclelinux3openvas4centos1redhat1