MiracleLinux 3 : xen-3.0.3-132.2.0.1.AXS3 (AXSA:2011-338:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-338:03 advisory. This package contains the Xen tools and management daemons needed to run virtual machines on x86, x8664, and ia64 systems. Information on how to use Xen can b...

SUSE CVE-2011-3346

Buffer overflow in hw/scsi-disk.c in the SCSI subsystem in QEMU before 0.15.2, as used by Xen, might allow local guest users with permission to access the CD-ROM to cause a denial of service guest crash via a crafted SAI READ CAPACITY SCSI command. NOTE: this is only a vulnerability when root has...

openSUSE Security Update : kvm (openSUSE-2011-95)

fix for CVE-2011-3346 bnc728664 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2011-95. The text description of this plugin is C SUSE LLC. include'deprecatednasllevel.inc';...

CVE-2011-3346

CVE-2011-3346 affects QEMU up to version 0.15.2 (SCSI subsystem, hw/scsi-disk.c) when used with Xen. A crafted SAI READ CAPACITY command could cause a local guest denial of service (guest crash) for users with access to the CD-ROM, and is conditioned on root having modified certain permissions/AC...

CentOS 5 : xen (CESA-2011:1401)

Updated xen packages that fix one security issue and three bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 5 : xen (RHSA-2011:1401)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1401 advisory. - qemu: local DoS with SCSI CD-ROM CVE-2011-3346 Note that Nessus has not tested for this issue but has instead relied only on the application's...