Solaris 10 (x86) : 148113-02 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Kernel/Boot. The supported version that is affected is 10. Very difficult to exploit vulnerability requiring logon to Operating System. Successful attack of this vulnerability can result in unauthorized...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

CVE-2009-3525 Xen: PyGrub missing support for password configuration command The pyGrub boot loader did not honor the 'password' option in the grub.conf file for para-virtualized guests. Users with access to a guest's console could use this flaw to bypass intended access restrictions and boot the...

RedHat Security Advisory RHSA-2009:1472

The remote host is missing updates announced in advisory RHSA-2009:1472. Xen is an open source virtualization framework. Virtualization allows users to run guest operating systems in virtual machines on top of a host operating system. The pyGrub boot loader did not honor the password option in th...

CVE-2009-3525

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...