24 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-9379
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub- using guest OS administrators to read or delete...
SUSE CVE-2016-9379
The pygrub boot loader emulator in Xen, when S-expression output format is requested, allows local pygrub-using guest OS administrators to read or delete arbitrary files on the host via string quotes and S-expressions in the bootloader configuration file...
SUSE: Security Advisory (SUSE-SU-2016:3273-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3174-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3044-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3067-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3156-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3083-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-9379
The CVE-2016-9379 issue affects the Xen pygrub boot loader emulator: when S-expression output is requested, string quotes and S-expressions in the bootloader config can cause information disclosure (read/delete host files) and potential privilege escalation. The vulnerability is caused by delimit...
openSUSE Security Update : xen (openSUSE-2017-4)
This updates xen to version 4.5.5 to fix the following issues : - An unprivileged user in a guest could gain guest could escalate privilege to that of the guest kernel, if it had could invoke the instruction emulator. Only 64-bit x86 HVM guest were affected. Linux guest have not been vulnerable...
SUSE SLES12 Security Update : xen (SUSE-SU-2016:3156-1)
This update for xen fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as unusable allowing ...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3083-1)
This update for xen to version 4.5.5 fixes several issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652 - CVE-2016-9386: x86 null segments were not always treated as...
SUSE SLED12 / SLES12 Security Update : xen (SUSE-SU-2016:3067-1)
xen was updated to version 4.7.1 to fix 17 security issues. These security issues were fixed : - CVE-2016-9637: ioport array overflow allowing a malicious guest administrator can escalate their privilege to that of the host bsc1011652. - CVE-2016-9386: x86 null segments were not always treated as...
Debian DSA-3729-1 : xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2016-7777 XSA-190 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially...
DSA-3729-1 xen - security update
Bulletin has no description...
Debian Security Advisory DSA 3729-1 (xen - security update)
Multiple vulnerabilities have been discovered in the Xen hypervisor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2016-7777 XSA-190 Jan Beulich from SUSE discovered that Xen does not properly honor CR0.TS and CR0.EM for x86 HVM guests, potentially allowi...
Citrix XenServer Multiple Vulnerabilities (CTX218775)
The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in the sniffnetware function within file tools/pygrub/src/pygrub when handling string quotes and S-expressions in the bootloader whenev...
Fedora 23 : xen (2016-68b71978a1)
xen : various security flaws 1397383 x86 null segments not always treated as unusable XSA-191, CVE-2016-9386 x86 task switch to VM86 mode mis-handled XSA-192, CVE-2016-9382 x86 segment base write emulation lacking canonical address checks XSA-193, CVE-2016-9385 x86 64-bit bit test instruction...
Fedora 25 : xen (2016-999e1a6927)
xen : various security flaws 1397383 x86 null segments not always treated as unusable XSA-191, CVE-2016-9386 x86 task switch to VM86 mode mis-handled XSA-192, CVE-2016-9382 x86 segment base write emulation lacking canonical address checks XSA-193, CVE-2016-9385 guest 32-bit ELF symbol table load...
Fedora Update for xen FEDORA-2016-95c104a4c6
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...