{"id": "RHSA-2011:1401", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2011:1401) Moderate: xen security and bug fix update", "description": "The xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat Enterprise\nLinux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large number\nof bytes that are used to zero out a fixed-sized buffer via a SAI READ\nCAPACITY SCSI command, overwriting memory and causing the guest to crash.\n(CVE-2011-3346)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the vif-bridge script used a maximum transmission\nunit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\nof the VIF could differ from that of the target bridge. This update fixes\nthe VIF hot-plug script so that the default MTU for new VIFs will match\nthat of the target Xen hypervisor bridge. In combination with a new enough\nkernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\nhypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the bridge\nto 1500. As a result, the MTU of the Xen hypervisor bridge could differ\nfrom that of the physical interface. This update fixes the network script\nso the MTU of the bridge can be set higher than 1500, thus also providing\nsupport for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\nmatch that of the physical interface. (BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\nthat speeds up the migration of guests with large memory. However, the new\nmigration procedure can theoretically cause data corruption. While no cases\nwere observed in practice, with this update, the xend daemon properly waits\nfor correct device release before the guest is started on a destination\nmachine, thus fixing this bug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\nof the VIF will drop back to 1500 (if it was set higher) after migration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the xend service must be restarted for this update to\ntake effect.\n", "published": "2011-10-24T04:00:00", "modified": "2017-09-08T11:53:48", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2011:1401", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2011-3346"], "lastseen": "2019-08-13T18:45:31", "viewCount": 1, "enchantments": {"score": {"value": 4.5, "vector": "NONE", "modified": "2019-08-13T18:45:31", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2011-3346"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1401"]}, {"type": "centos", "idList": ["CESA-2011:1401"]}, {"type": "nessus", "idList": ["SL_20111024_XEN_ON_SL5_X.NASL", "CENTOS_RHSA-2011-1401.NASL", "OPENSUSE-2011-95.NASL", "REDHAT-RHSA-2011-1401.NASL", "ORACLELINUX_ELSA-2011-1401.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310881026", "OPENVAS:881026", "OPENVAS:1361412562310122065", "OPENVAS:1361412562310870508", "OPENVAS:881414", "OPENVAS:1361412562310881414", "OPENVAS:870508"]}], "modified": "2019-08-13T18:45:31", "rev": 2}, "vulnersScore": 4.5}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "xen-devel", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-devel-3.0.3-132.el5_7.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "xen-libs", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-libs-3.0.3-132.el5_7.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "xen-libs", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-libs-3.0.3-132.el5_7.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "xen-devel", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-devel-3.0.3-132.el5_7.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "xen", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-3.0.3-132.el5_7.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "xen-devel", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-devel-3.0.3-132.el5_7.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "ia64", "packageName": "xen", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-3.0.3-132.el5_7.2.ia64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "i386", "packageName": "xen", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-3.0.3-132.el5_7.2.i386.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "x86_64", "packageName": "xen-libs", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-libs-3.0.3-132.el5_7.2.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "5", "arch": "src", "packageName": "xen", "packageVersion": "3.0.3-132.el5_7.2", "packageFilename": "xen-3.0.3-132.el5_7.2.src.rpm", "operator": "lt"}], "immutableFields": []}

{"cve": [{"lastseen": "2021-02-02T05:51:06", "description": "Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service (guest crash) via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has manually modified certain permissions or ACLs.", "edition": 6, "cvss3": {}, "published": "2014-04-01T06:35:00", "title": "CVE-2011-3346", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:L/AC:H/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3346"], "modified": "2014-04-01T14:35:00", "cpe": ["cpe:/a:qemu:qemu:0.15.1", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:xen:xen:-", "cpe:/a:qemu:qemu:0.15.0"], "id": "CVE-2011-3346", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3346", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:xen:xen:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*", "cpe:2.3:a:qemu:qemu:0.15.0:rc1:*:*:*:*:*:*", "cpe:2.3:a:qemu:qemu:0.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:qemu:qemu:0.15.0:rc2:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:39:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2011-10-31T00:00:00", "id": "OPENVAS:1361412562310881026", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881026", "type": "openvas", "title": "CentOS Update for xen CESA-2011:1401 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xen CESA-2011:1401 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-October/018131.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881026\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2011:1401\");\n script_cve_id(\"CVE-2011-3346\");\n script_name(\"CentOS Update for xen CESA-2011:1401 centos5 i386\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"xen on CentOS 5\");\n script_tag(name:\"insight\", value:\"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\n emulation. An unprivileged, local guest user could provide a large number\n of bytes that are used to zero out a fixed-sized buffer via a SAI READ\n CAPACITY SCSI command, overwriting memory and causing the guest to crash.\n (CVE-2011-3346)\n\n This update also fixes the following bugs:\n\n * Prior to this update, the vif-bridge script used a maximum transmission\n unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\n of the VIF could differ from that of the target bridge. This update fixes\n the VIF hot-plug script so that the default MTU for new VIFs will match\n that of the target Xen hypervisor bridge. In combination with a new enough\n kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\n hypervisor guests. (BZ#738608)\n\n * Prior to this update, the network-bridge script set the MTU of the bridge\n to 1500. As a result, the MTU of the Xen hypervisor bridge could differ\n from that of the physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500, thus also providing\n support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\n match that of the physical interface. (BZ#738610)\n\n * Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\n that speeds up the migration of guests with large memory. However, the new\n migration procedure can theoretically cause data corruption. While no cases\n were observed in practice, with this update, the xend daemon properly waits\n for correct device release before the guest is started on a destination\n machine, thus fixing this bug. (BZ#743850)\n\n Note: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\n of the VIF will drop back to 1500 (if it was set higher) after migration.\n\n All xen users are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, the xend service must be restarted for this update to\n take effect.\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2018-01-06T13:07:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "Check for the Version of xen", "modified": "2018-01-04T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881414", "href": "http://plugins.openvas.org/nasl.php?oid=881414", "type": "openvas", "title": "CentOS Update for xen CESA-2011:1401 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xen CESA-2011:1401 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\n emulation. An unprivileged, local guest user could provide a large number\n of bytes that are used to zero out a fixed-sized buffer via a SAI READ\n CAPACITY SCSI command, overwriting memory and causing the guest to crash.\n (CVE-2011-3346)\n \n This update also fixes the following bugs:\n \n * Prior to this update, the vif-bridge script used a maximum transmission\n unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\n of the VIF could differ from that of the target bridge. This update fixes\n the VIF hot-plug script so that the default MTU for new VIFs will match\n that of the target Xen hypervisor bridge. In combination with a new enough\n kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\n hypervisor guests. (BZ#738608)\n \n * Prior to this update, the network-bridge script set the MTU of the bridge\n to 1500. As a result, the MTU of the Xen hypervisor bridge could differ\n from that of the physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500, thus also providing\n support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\n match that of the physical interface. (BZ#738610)\n \n * Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\n that speeds up the migration of guests with large memory. However, the new\n migration procedure can theoretically cause data corruption. While no cases\n were observed in practice, with this update, the xend daemon properly waits\n for correct device release before the guest is started on a destination\n machine, thus fixing this bug. (BZ#743850)\n \n Note: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\n of the VIF will drop back to 1500 (if it was set higher) after migration.\n \n All xen users are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, the xend service must be restarted for this update to\n take effect.\";\n\ntag_affected = \"xen on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-October/018132.html\");\n script_id(881414);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:49:33 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3346\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2011:1401\");\n script_name(\"CentOS Update for xen CESA-2011:1401 centos5 x86_64\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xen\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "Check for the Version of xen", "modified": "2017-07-12T00:00:00", "published": "2011-10-31T00:00:00", "id": "OPENVAS:870508", "href": "http://plugins.openvas.org/nasl.php?oid=870508", "type": "openvas", "title": "RedHat Update for xen RHSA-2011:1401-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for xen RHSA-2011:1401-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\n emulation. An unprivileged, local guest user could provide a large number\n of bytes that are used to zero out a fixed-sized buffer via a SAI READ\n CAPACITY SCSI command, overwriting memory and causing the guest to crash.\n (CVE-2011-3346)\n \n This update also fixes the following bugs:\n \n * Prior to this update, the vif-bridge script used a maximum transmission\n unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\n of the VIF could differ from that of the target bridge. This update fixes\n the VIF hot-plug script so that the default MTU for new VIFs will match\n that of the target Xen hypervisor bridge. In combination with a new enough\n kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\n hypervisor guests. (BZ#738608)\n \n * Prior to this update, the network-bridge script set the MTU of the bridge\n to 1500. As a result, the MTU of the Xen hypervisor bridge could differ\n from that of the physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500, thus also providing\n support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\n match that of the physical interface. (BZ#738610)\n \n * Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\n that speeds up the migration of guests with large memory. However, the new\n migration procedure can theoretically cause data corruption. While no cases\n were observed in practice, with this update, the xend daemon properly waits\n for correct device release before the guest is started on a destination\n machine, thus fixing this bug. (BZ#743850)\n \n Note: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\n of the VIF will drop back to 1500 (if it was set higher) after migration.\n \n All xen users are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, the xend service must be restarted for this update to\n take effect.\";\n\ntag_affected = \"xen on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2011-October/msg00017.html\");\n script_id(870508);\n script_version(\"$Revision: 6685 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:44:46 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"RHSA\", value: \"2011:1401-01\");\n script_cve_id(\"CVE-2011-3346\");\n script_name(\"RedHat Update for xen RHSA-2011:1401-01\");\n\n script_summary(\"Check for the Version of xen\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen-debuginfo\", rpm:\"xen-debuginfo~3.0.3~132.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "Check for the Version of xen", "modified": "2017-07-10T00:00:00", "published": "2011-10-31T00:00:00", "id": "OPENVAS:881026", "href": "http://plugins.openvas.org/nasl.php?oid=881026", "type": "openvas", "title": "CentOS Update for xen CESA-2011:1401 centos5 i386", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xen CESA-2011:1401 centos5 i386\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\n emulation. An unprivileged, local guest user could provide a large number\n of bytes that are used to zero out a fixed-sized buffer via a SAI READ\n CAPACITY SCSI command, overwriting memory and causing the guest to crash.\n (CVE-2011-3346)\n \n This update also fixes the following bugs:\n \n * Prior to this update, the vif-bridge script used a maximum transmission\n unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\n of the VIF could differ from that of the target bridge. This update fixes\n the VIF hot-plug script so that the default MTU for new VIFs will match\n that of the target Xen hypervisor bridge. In combination with a new enough\n kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\n hypervisor guests. (BZ#738608)\n \n * Prior to this update, the network-bridge script set the MTU of the bridge\n to 1500. As a result, the MTU of the Xen hypervisor bridge could differ\n from that of the physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500, thus also providing\n support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\n match that of the physical interface. (BZ#738610)\n \n * Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\n that speeds up the migration of guests with large memory. However, the new\n migration procedure can theoretically cause data corruption. While no cases\n were observed in practice, with this update, the xend daemon properly waits\n for correct device release before the guest is started on a destination\n machine, thus fixing this bug. (BZ#743850)\n \n Note: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\n of the VIF will drop back to 1500 (if it was set higher) after migration.\n \n All xen users are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, the xend service must be restarted for this update to\n take effect.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"xen on CentOS 5\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2011-October/018131.html\");\n script_id(881026);\n script_version(\"$Revision: 6653 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:46:53 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_xref(name: \"CESA\", value: \"2011:1401\");\n script_cve_id(\"CVE-2011-3346\");\n script_name(\"CentOS Update for xen CESA-2011:1401 centos5 i386\");\n\n script_summary(\"Check for the Version of xen\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:NONE/I:NONE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "Oracle Linux Local Security Checks ELSA-2011-1401", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310122065", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122065", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2011-1401", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2011-1401.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122065\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:12:29 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2011-1401\");\n script_tag(name:\"insight\", value:\"ELSA-2011-1401 - xen security and bug fix update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2011-1401\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2011-1401.html\");\n script_cve_id(\"CVE-2011-3346\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~132.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~132.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:38:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:1361412562310881414", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881414", "type": "openvas", "title": "CentOS Update for xen CESA-2011:1401 centos5 x86_64", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xen CESA-2011:1401 centos5 x86_64\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2011-October/018132.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881414\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 17:49:33 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2011-3346\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"CESA\", value:\"2011:1401\");\n script_name(\"CentOS Update for xen CESA-2011:1401 centos5 x86_64\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"xen on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\n emulation. An unprivileged, local guest user could provide a large number\n of bytes that are used to zero out a fixed-sized buffer via a SAI READ\n CAPACITY SCSI command, overwriting memory and causing the guest to crash.\n (CVE-2011-3346)\n\n This update also fixes the following bugs:\n\n * Prior to this update, the vif-bridge script used a maximum transmission\n unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\n of the VIF could differ from that of the target bridge. This update fixes\n the VIF hot-plug script so that the default MTU for new VIFs will match\n that of the target Xen hypervisor bridge. In combination with a new enough\n kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\n hypervisor guests. (BZ#738608)\n\n * Prior to this update, the network-bridge script set the MTU of the bridge\n to 1500. As a result, the MTU of the Xen hypervisor bridge could differ\n from that of the physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500, thus also providing\n support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\n match that of the physical interface. (BZ#738610)\n\n * Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\n that speeds up the migration of guests with large memory. However, the new\n migration procedure can theoretically cause data corruption. While no cases\n were observed in practice, with this update, the xend daemon properly waits\n for correct device release before the guest is started on a destination\n machine, thus fixing this bug. (BZ#743850)\n\n Note: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\n of the VIF will drop back to 1500 (if it was set higher) after migration.\n\n All xen users are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, the xend service must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen\", rpm:\"xen~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-devel\", rpm:\"xen-devel~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:39:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "description": "The remote host is missing an update for the ", "modified": "2018-11-23T00:00:00", "published": "2011-10-31T00:00:00", "id": "OPENVAS:1361412562310870508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870508", "type": "openvas", "title": "RedHat Update for xen RHSA-2011:1401-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for xen RHSA-2011:1401-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2011-October/msg00017.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870508\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-10-31 13:45:00 +0100 (Mon, 31 Oct 2011)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_xref(name:\"RHSA\", value:\"2011:1401-01\");\n script_cve_id(\"CVE-2011-3346\");\n script_name(\"RedHat Update for xen RHSA-2011:1401-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xen'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"xen on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The xen packages contain administration tools and the xend service for\n managing the kernel-xen kernel for virtualization on Red Hat Enterprise\n Linux.\n\n A buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\n emulation. An unprivileged, local guest user could provide a large number\n of bytes that are used to zero out a fixed-sized buffer via a SAI READ\n CAPACITY SCSI command, overwriting memory and causing the guest to crash.\n (CVE-2011-3346)\n\n This update also fixes the following bugs:\n\n * Prior to this update, the vif-bridge script used a maximum transmission\n unit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\n of the VIF could differ from that of the target bridge. This update fixes\n the VIF hot-plug script so that the default MTU for new VIFs will match\n that of the target Xen hypervisor bridge. In combination with a new enough\n kernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\n hypervisor guests. (BZ#738608)\n\n * Prior to this update, the network-bridge script set the MTU of the bridge\n to 1500. As a result, the MTU of the Xen hypervisor bridge could differ\n from that of the physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500, thus also providing\n support for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\n match that of the physical interface. (BZ#738610)\n\n * Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\n that speeds up the migration of guests with large memory. However, the new\n migration procedure can theoretically cause data corruption. While no cases\n were observed in practice, with this update, the xend daemon properly waits\n for correct device release before the guest is started on a destination\n machine, thus fixing this bug. (BZ#743850)\n\n Note: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\n of the VIF will drop back to 1500 (if it was set higher) after migration.\n\n All xen users are advised to upgrade to these updated packages, which\n contain backported patches to correct these issues. After installing the\n updated packages, the xend service must be restarted for this update to\n take effect.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"xen-debuginfo\", rpm:\"xen-debuginfo~3.0.3~132.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xen-libs\", rpm:\"xen-libs~3.0.3~132.el5_7.2\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2019-12-20T18:26:54", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3346"], "description": "**CentOS Errata and Security Advisory** CESA-2011:1401\n\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat Enterprise\nLinux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large number\nof bytes that are used to zero out a fixed-sized buffer via a SAI READ\nCAPACITY SCSI command, overwriting memory and causing the guest to crash.\n(CVE-2011-3346)\n\nThis update also fixes the following bugs:\n\n* Prior to this update, the vif-bridge script used a maximum transmission\nunit (MTU) of 1500 for a new Virtual Interface (VIF). As a result, the MTU\nof the VIF could differ from that of the target bridge. This update fixes\nthe VIF hot-plug script so that the default MTU for new VIFs will match\nthat of the target Xen hypervisor bridge. In combination with a new enough\nkernel (RHSA-2011:1386), this enables the use of jumbo frames in Xen\nhypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the bridge\nto 1500. As a result, the MTU of the Xen hypervisor bridge could differ\nfrom that of the physical interface. This update fixes the network script\nso the MTU of the bridge can be set higher than 1500, thus also providing\nsupport for jumbo frames. Now, the MTU of the Xen hypervisor bridge will\nmatch that of the physical interface. (BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration handling\nthat speeds up the migration of guests with large memory. However, the new\nmigration procedure can theoretically cause data corruption. While no cases\nwere observed in practice, with this update, the xend daemon properly waits\nfor correct device release before the guest is started on a destination\nmachine, thus fixing this bug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386), the MTU\nof the VIF will drop back to 1500 (if it was set higher) after migration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing the\nupdated packages, the xend service must be restarted for this update to\ntake effect.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2011-October/030169.html\nhttp://lists.centos.org/pipermail/centos-announce/2011-October/030170.html\n\n**Affected packages:**\nxen\nxen-devel\nxen-libs\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2011-1401.html", "edition": 3, "modified": "2011-10-24T17:56:22", "published": "2011-10-24T17:56:22", "href": "http://lists.centos.org/pipermail/centos-announce/2011-October/030169.html", "id": "CESA-2011:1401", "title": "xen security update", "type": "centos", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:37:41", "bulletinFamily": "unix", "cvelist": ["CVE-2011-3346"], "description": "[3.0.3-132.el5_7.2]\n- Release device backends before restarting guest on the destination machine (rhbz 743850)\n- Fix SCSI buffer overflow and disable SCSI CD-ROMs (rhbz 736289)\n[3.0.3-132.el5_7.1]\n- hotplug: set netback/tap MTU to the same value as the bridge MTU (rhbz 738608)\n- copy the MTU of the physical interface to the Xen bridge (rhbz 738610)", "edition": 4, "modified": "2011-10-24T00:00:00", "published": "2011-10-24T00:00:00", "id": "ELSA-2011-1401", "href": "http://linux.oracle.com/errata/ELSA-2011-1401.html", "title": "xen security and bug fix update", "type": "oraclelinux", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2021-01-17T13:46:07", "description": "The xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Scientific Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, the vif-bridge script used a\n maximum transmission unit (MTU) of 1500 for a new\n Virtual Interface (VIF). As a result, the MTU of the VIF\n could differ from that of the target bridge. This update\n fixes the VIF hot-plug script so that the default MTU\n for new VIFs will match that of the target Xen\n hypervisor bridge. In combination with a new enough\n kernel, this enables the use of jumbo frames in Xen\n hypervisor guests.\n\n - Prior to this update, the network-bridge script set the\n MTU of the bridge to 1500. As a result, the MTU of the\n Xen hypervisor bridge could differ from that of the\n physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500,\n thus also providing support for jumbo frames. Now, the\n MTU of the Xen hypervisor bridge will match that of the\n physical interface.\n\n - Scientific Linux 5.6 introduced an optimized migration\n handling that speeds up the migration of guests with\n large memory. However, the new migration procedure can\n theoretically cause data corruption. While no cases were\n observed in practice, with this update, the xend daemon\n properly waits for correct device release before the\n guest is started on a destination machine, thus fixing\n this bug.\n\nNote: Before a guest is using a new enough kernel, the MTU of the VIF\nwill drop back to 1500 (if it was set higher) after migration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.", "edition": 24, "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : xen on SL5.x i386/x86_64", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "modified": "2012-08-01T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111024_XEN_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61163", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61163);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3346\");\n\n script_name(english:\"Scientific Linux Security Update : xen on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Scientific Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n - Prior to this update, the vif-bridge script used a\n maximum transmission unit (MTU) of 1500 for a new\n Virtual Interface (VIF). As a result, the MTU of the VIF\n could differ from that of the target bridge. This update\n fixes the VIF hot-plug script so that the default MTU\n for new VIFs will match that of the target Xen\n hypervisor bridge. In combination with a new enough\n kernel, this enables the use of jumbo frames in Xen\n hypervisor guests.\n\n - Prior to this update, the network-bridge script set the\n MTU of the bridge to 1500. As a result, the MTU of the\n Xen hypervisor bridge could differ from that of the\n physical interface. This update fixes the network script\n so the MTU of the bridge can be set higher than 1500,\n thus also providing support for jumbo frames. Now, the\n MTU of the Xen hypervisor bridge will match that of the\n physical interface.\n\n - Scientific Linux 5.6 introduced an optimized migration\n handling that speeds up the migration of guests with\n large memory. However, the new migration procedure can\n theoretically cause data corruption. While no cases were\n observed in practice, with this update, the xend daemon\n properly waits for correct device release before the\n guest is started on a destination machine, thus fixing\n this bug.\n\nNote: Before a guest is using a new enough kernel, the MTU of the VIF\nwill drop back to 1500 (if it was set higher) after migration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1110&L=scientific-linux-errata&T=0&P=2536\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d3e0e5d4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"xen-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xen-debuginfo-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xen-devel-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"xen-libs-3.0.3-132.el5_7.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:46:19", "description": "From Red Hat Security Advisory 2011:1401 :\n\nUpdated xen packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the vif-bridge script used a maximum\ntransmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As\na result, the MTU of the VIF could differ from that of the target\nbridge. This update fixes the VIF hot-plug script so that the default\nMTU for new VIFs will match that of the target Xen hypervisor bridge.\nIn combination with a new enough kernel (RHSA-2011:1386), this enables\nthe use of jumbo frames in Xen hypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the\nbridge to 1500. As a result, the MTU of the Xen hypervisor bridge\ncould differ from that of the physical interface. This update fixes\nthe network script so the MTU of the bridge can be set higher than\n1500, thus also providing support for jumbo frames. Now, the MTU of\nthe Xen hypervisor bridge will match that of the physical interface.\n(BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration\nhandling that speeds up the migration of guests with large memory.\nHowever, the new migration procedure can theoretically cause data\ncorruption. While no cases were observed in practice, with this\nupdate, the xend daemon properly waits for correct device release\nbefore the guest is started on a destination machine, thus fixing this\nbug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386),\nthe MTU of the VIF will drop back to 1500 (if it was set higher) after\nmigration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.", "edition": 23, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 : xen (ELSA-2011-1401)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:xen-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:xen", "p-cpe:/a:oracle:linux:xen-libs"], "id": "ORACLELINUX_ELSA-2011-1401.NASL", "href": "https://www.tenable.com/plugins/nessus/68378", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1401 and \n# Oracle Linux Security Advisory ELSA-2011-1401 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68378);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3346\");\n script_bugtraq_id(49545);\n script_xref(name:\"RHSA\", value:\"2011:1401\");\n\n script_name(english:\"Oracle Linux 5 : xen (ELSA-2011-1401)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1401 :\n\nUpdated xen packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the vif-bridge script used a maximum\ntransmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As\na result, the MTU of the VIF could differ from that of the target\nbridge. This update fixes the VIF hot-plug script so that the default\nMTU for new VIFs will match that of the target Xen hypervisor bridge.\nIn combination with a new enough kernel (RHSA-2011:1386), this enables\nthe use of jumbo frames in Xen hypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the\nbridge to 1500. As a result, the MTU of the Xen hypervisor bridge\ncould differ from that of the physical interface. This update fixes\nthe network script so the MTU of the bridge can be set higher than\n1500, thus also providing support for jumbo frames. Now, the MTU of\nthe Xen hypervisor bridge will match that of the physical interface.\n(BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration\nhandling that speeds up the migration of guests with large memory.\nHowever, the new migration procedure can theoretically cause data\ncorruption. While no cases were observed in practice, with this\nupdate, the xend daemon properly waits for correct device release\nbefore the guest is started on a destination machine, thus fixing this\nbug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386),\nthe MTU of the VIF will drop back to 1500 (if it was set higher) after\nmigration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002427.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"xen-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xen-devel-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"xen-libs-3.0.3-132.el5_7.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-devel / xen-libs\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T13:09:58", "description": "Updated xen packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the vif-bridge script used a maximum\ntransmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As\na result, the MTU of the VIF could differ from that of the target\nbridge. This update fixes the VIF hot-plug script so that the default\nMTU for new VIFs will match that of the target Xen hypervisor bridge.\nIn combination with a new enough kernel (RHSA-2011:1386), this enables\nthe use of jumbo frames in Xen hypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the\nbridge to 1500. As a result, the MTU of the Xen hypervisor bridge\ncould differ from that of the physical interface. This update fixes\nthe network script so the MTU of the bridge can be set higher than\n1500, thus also providing support for jumbo frames. Now, the MTU of\nthe Xen hypervisor bridge will match that of the physical interface.\n(BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration\nhandling that speeds up the migration of guests with large memory.\nHowever, the new migration procedure can theoretically cause data\ncorruption. While no cases were observed in practice, with this\nupdate, the xend daemon properly waits for correct device release\nbefore the guest is started on a destination machine, thus fixing this\nbug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386),\nthe MTU of the VIF will drop back to 1500 (if it was set higher) after\nmigration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.", "edition": 27, "published": "2011-10-25T00:00:00", "title": "RHEL 5 : xen (RHSA-2011:1401)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "modified": "2011-10-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:5", "p-cpe:/a:redhat:enterprise_linux:xen-devel", "p-cpe:/a:redhat:enterprise_linux:xen", "p-cpe:/a:redhat:enterprise_linux:xen-libs"], "id": "REDHAT-RHSA-2011-1401.NASL", "href": "https://www.tenable.com/plugins/nessus/56628", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1401. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56628);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3346\");\n script_bugtraq_id(49545);\n script_xref(name:\"RHSA\", value:\"2011:1401\");\n\n script_name(english:\"RHEL 5 : xen (RHSA-2011:1401)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated xen packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the vif-bridge script used a maximum\ntransmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As\na result, the MTU of the VIF could differ from that of the target\nbridge. This update fixes the VIF hot-plug script so that the default\nMTU for new VIFs will match that of the target Xen hypervisor bridge.\nIn combination with a new enough kernel (RHSA-2011:1386), this enables\nthe use of jumbo frames in Xen hypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the\nbridge to 1500. As a result, the MTU of the Xen hypervisor bridge\ncould differ from that of the physical interface. This update fixes\nthe network script so the MTU of the bridge can be set higher than\n1500, thus also providing support for jumbo frames. Now, the MTU of\nthe Xen hypervisor bridge will match that of the physical interface.\n(BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration\nhandling that speeds up the migration of guests with large memory.\nHowever, the new migration procedure can theoretically cause data\ncorruption. While no cases were observed in practice, with this\nupdate, the xend daemon properly waits for correct device release\nbefore the guest is started on a destination machine, thus fixing this\nbug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386),\nthe MTU of the VIF will drop back to 1500 (if it was set higher) after\nmigration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-3346\"\n );\n # https://rhn.redhat.com/errata/RHSA-2011-1386.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1386\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1401\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xen, xen-devel and / or xen-libs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1401\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"xen-3.0.3-132.el5_7.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"xen-3.0.3-132.el5_7.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"xen-devel-3.0.3-132.el5_7.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"xen-devel-3.0.3-132.el5_7.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"xen-libs-3.0.3-132.el5_7.2\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"xen-libs-3.0.3-132.el5_7.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-devel / xen-libs\");\n }\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-06T09:27:18", "description": "Updated xen packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the vif-bridge script used a maximum\ntransmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As\na result, the MTU of the VIF could differ from that of the target\nbridge. This update fixes the VIF hot-plug script so that the default\nMTU for new VIFs will match that of the target Xen hypervisor bridge.\nIn combination with a new enough kernel (RHSA-2011:1386), this enables\nthe use of jumbo frames in Xen hypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the\nbridge to 1500. As a result, the MTU of the Xen hypervisor bridge\ncould differ from that of the physical interface. This update fixes\nthe network script so the MTU of the bridge can be set higher than\n1500, thus also providing support for jumbo frames. Now, the MTU of\nthe Xen hypervisor bridge will match that of the physical interface.\n(BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration\nhandling that speeds up the migration of guests with large memory.\nHowever, the new migration procedure can theoretically cause data\ncorruption. While no cases were observed in practice, with this\nupdate, the xend daemon properly waits for correct device release\nbefore the guest is started on a destination machine, thus fixing this\nbug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386),\nthe MTU of the VIF will drop back to 1500 (if it was set higher) after\nmigration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.", "edition": 25, "published": "2011-10-25T00:00:00", "title": "CentOS 5 : xen (CESA-2011:1401)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "modified": "2011-10-25T00:00:00", "cpe": ["p-cpe:/a:centos:centos:xen", "p-cpe:/a:centos:centos:xen-libs", "cpe:/o:centos:centos:5", "p-cpe:/a:centos:centos:xen-devel"], "id": "CENTOS_RHSA-2011-1401.NASL", "href": "https://www.tenable.com/plugins/nessus/56621", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1401 and \n# CentOS Errata and Security Advisory 2011:1401 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56621);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-3346\");\n script_bugtraq_id(49545);\n script_xref(name:\"RHSA\", value:\"2011:1401\");\n\n script_name(english:\"CentOS 5 : xen (CESA-2011:1401)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated xen packages that fix one security issue and three bugs are\nnow available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nThe xen packages contain administration tools and the xend service for\nmanaging the kernel-xen kernel for virtualization on Red Hat\nEnterprise Linux.\n\nA buffer overflow flaw was found in the Xen hypervisor SCSI subsystem\nemulation. An unprivileged, local guest user could provide a large\nnumber of bytes that are used to zero out a fixed-sized buffer via a\nSAI READ CAPACITY SCSI command, overwriting memory and causing the\nguest to crash. (CVE-2011-3346)\n\nThis update also fixes the following bugs :\n\n* Prior to this update, the vif-bridge script used a maximum\ntransmission unit (MTU) of 1500 for a new Virtual Interface (VIF). As\na result, the MTU of the VIF could differ from that of the target\nbridge. This update fixes the VIF hot-plug script so that the default\nMTU for new VIFs will match that of the target Xen hypervisor bridge.\nIn combination with a new enough kernel (RHSA-2011:1386), this enables\nthe use of jumbo frames in Xen hypervisor guests. (BZ#738608)\n\n* Prior to this update, the network-bridge script set the MTU of the\nbridge to 1500. As a result, the MTU of the Xen hypervisor bridge\ncould differ from that of the physical interface. This update fixes\nthe network script so the MTU of the bridge can be set higher than\n1500, thus also providing support for jumbo frames. Now, the MTU of\nthe Xen hypervisor bridge will match that of the physical interface.\n(BZ#738610)\n\n* Red Hat Enterprise Linux 5.6 introduced an optimized migration\nhandling that speeds up the migration of guests with large memory.\nHowever, the new migration procedure can theoretically cause data\ncorruption. While no cases were observed in practice, with this\nupdate, the xend daemon properly waits for correct device release\nbefore the guest is started on a destination machine, thus fixing this\nbug. (BZ#743850)\n\nNote: Before a guest is using a new enough kernel (RHSA-2011:1386),\nthe MTU of the VIF will drop back to 1500 (if it was set higher) after\nmigration.\n\nAll xen users are advised to upgrade to these updated packages, which\ncontain backported patches to correct these issues. After installing\nthe updated packages, the xend service must be restarted for this\nupdate to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018131.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c9d9f355\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018132.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c25fc751\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected xen packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xen\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xen-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xen-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/25\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"xen-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xen-devel-3.0.3-132.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"xen-libs-3.0.3-132.el5_7.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xen / xen-devel / xen-libs\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-01-17T12:07:54", "description": " - fix for CVE-2011-3346 (bnc#728664)", "edition": 21, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : kvm (openSUSE-2011-95)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2011-3346"], "modified": "2014-06-13T00:00:00", "cpe": ["cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:kvm-debuginfo", "p-cpe:/a:novell:opensuse:kvm-debugsource", "p-cpe:/a:novell:opensuse:kvm"], "id": "OPENSUSE-2011-95.NASL", "href": "https://www.tenable.com/plugins/nessus/74540", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-95.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74540);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-3346\");\n\n script_name(english:\"openSUSE Security Update : kvm (openSUSE-2011-95)\");\n script_summary(english:\"Check for the openSUSE-2011-95 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\" - fix for CVE-2011-3346 (bnc#728664)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=728664\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected kvm packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:N/I:N/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kvm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kvm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:kvm-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"kvm-0.15.1-1.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"kvm-debuginfo-0.15.1-1.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"kvm-debugsource-0.15.1-1.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kvm / kvm-debuginfo / kvm-debugsource\");\n}\n", "cvss": {"score": 4.0, "vector": "AV:L/AC:H/Au:N/C:N/I:N/A:C"}}]}