EUVD-2008-4972

Malware in sbrugna...

Arbitrary File Overwrite

xen is vulnerable to arbitrary file overwrite. The vulnerability exists as it was discovered that the qemu-dm.debug script created a temporary file in /tmp in an insecure way. A local attacker in Dom0 could, potentially, use this flaw to overwrite arbitrary files via a symlink attack...

Scientific Linux Security Update : xen on SL5.x i386/x86_64

Xen was found to allow unprivileged DomU domains to overwrite xenstore values which should only be changeable by the privileged Dom0 domain. An attacker controlling a DomU domain could, potentially, use this flaw to kill arbitrary processes in Dom0 or trick a Dom0 user into accessing the text...

CentOS Update for xen CESA-2009:0003 centos5 i386

Check for the Version of xen OpenVAS Vulnerability Test CentOS Update for xen CESA-2009:0003 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

CentOS Update for xen CESA-2009:0003 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS 5 : xen (CESA-2009:0003)

Updated xen packages that resolve several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The xen packages contain the Xen tools and management daemons needed to manage...

Mandrake Security Advisory MDVSA-2009:016 (xen)

The remote host is missing an update to xen announced via advisory MDVSA-2009:016. OpenVAS Vulnerability Test $Id: mdksa2009016.nasl 6587 2017-07-07 06:35:35Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:016 xen Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Moderate: Red Hat Security Advisory: xen security and bug fix update

Updated xen packages that resolve several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The xen packages contain the Xen tools and management daemons needed to manage...

xen security and bug fix update

3.0.3-64.el52.9 - More fixes for Xenstore unsafe data access CVE-2008-4405, rhbz 464817 - Fix block-detach regression due to CVE-2008-4405, rhbz 473882 3.0.3-64.el52.8 - Remove unneccessary patch & rebuild 3.0.3-64.el52.7 - Fix reboots after CVE-2008-4405 changes rhbz 471588 3.0.3-64.el52.6 -...

CVE-2008-4993

CVE-2008-4993 is a Xen/QEMU flaw in which the qemu-dm.debug wrapper (present in Xen 3.2.1) allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/args. The issue has been acknowledged in multiple advisories (RHSA-2009:0003, ELSA-2009-0003, CESA-2009:0003) and appears al...