22 matches found
Oracle: Security Advisory (ELSA-2007-0323)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Heap overflow
Heap-based buffer overflow in the Cirrus VGA emulator hw/display/cirrusvga.c in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to blit regions. NOTE: this vulnerability exists because an incomplete fix for CVE-2007-1320...
CVE-2014-8106
CVE-2014-8106 is a heap-based buffer overflow in the Cirrus VGA emulator (Cirrus blit region checks) of QEMU up to 2.2.0. The issue arises from an incomplete fix for CVE-2007-1320, allowing a privileged, local guest user to execute arbitrary code in the host QEMU process space via attacker-contro...
Oracle Linux 5 : Important: / xen (ELSA-2007-0323)
The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2007-0323 advisory. 3.0.3-25.0.4.el5 - QEmu cirrus bitblit bounds check - CVE-2007-1320 rhbz 296271 - QEmu NE2000 overflow check - CVE-2007-1321 rhbz 296271 - Pygrub guest...
Scientific Linux Security Update : xen on SL5.x i386/x86_64
Detail : Joris van Rantwijk found a flaw in the Pygrub utility which is used as a boot loader for guest domains. A malicious local administrator of a guest domain could create a carefully crafted grub.conf file which would trigger the execution of arbitrary code outside of that domain...
Fedora Update for kvm FEDORA-2008-4604
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for kvm FEDORA-2008-4386
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
Fedora Update for kvm FEDORA-2008-11705
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CVE-2008-4539
Heap-based buffer overflow in the Cirrus VGA implementation in 1 KVM before kvm-82 and 2 QEMU on Debian GNU/Linux and Ubuntu might allow local users to gain privileges by using the VNC console for a connection, aka the LGD-54XX "bitblt" heap overflow. NOTE: this issue exists because of an incorre...
Debian Security Advisory DSA 1384-1 (xen-utils)
The remote host is missing an update to xen-utils announced via advisory DSA 1384-1. OpenVAS Vulnerability Test $Id: deb13841.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1384-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 1284-1 (qemu)
The remote host is missing an update to qemu announced via advisory DSA 1284-1. OpenVAS Vulnerability Test $Id: deb12841.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1284-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-1384-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1284-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1384-1 : xen-utils - several vulnerabilities
Several local vulnerabilities have been discovered in the Xen hypervisor packages which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-4993 By use of a specially crafted grub configuration file a domU us...
DSA-1384-1 xen-3.0
Bulletin has no description...
Important: xen security update
3.0.3-25.0.4.el5 - QEmu cirrus bitblit bounds check - CVE-2007-1320 rhbz 296271 - QEmu NE2000 overflow check - CVE-2007-1321 rhbz 296271 - Pygrub guest escape - CVE-2007-4993 rhbz 302821...
Debian DSA-1284-1 : qemu - several vulnerabilities
Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1320 Tavis Ormandy discovered that a memory manageme...
CVE-2007-1320
Multiple heap-based buffer overflows in the cirrusinvalidateregion function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty...
CVE-2007-1320
Multiple heap-based buffer overflows in the cirrusinvalidateregion function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty...
CVE-2007-1320
Multiple heap-based buffer overflows in the cirrusinvalidateregion function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty...