12 matches found
EUVD-2007-4974
Malware in sbrugna...
EUVD-2008-4386
Malware in sbrugna...
Information disclosure
The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service host crash by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread...
CVE-2009-3525
The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the...
Design/Logic Flaw
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1...
CVE-2008-4405
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1...
CVE-2008-4405
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to 1...
CVE-2008-4405
CVE-2008-4405 affects Xen 3.0.3 (xend) where the /local/domain xenstore tree is not properly restricted, allowing a guest DomU to write to (console/tty, console/limit, image/device-model-pid) and potentially cause a denial of service with unspecified other impact. Multiple advisories (RHSA-2009:0...
Design/Logic Flaw
pygrub tools/pygrub/src/GrubConf.py in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements...
CVE-2007-4993
pygrub tools/pygrub/src/GrubConf.py in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements...
CVE-2007-4993
pygrub tools/pygrub/src/GrubConf.py in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements...
CVE-2007-4993
CVE-2007-4993 affects Xen 3.0.3: Pygrub (tools/pygrub/src/GrubConf.py) used when booting a guest domain. A local attacker with privileges in the guest can craft a grub.conf that is executed via exec statements, enabling arbitrary code execution in domain 0. This is a local, guest-to-domain-0 priv...