Búsqueda de    
Vulnerabilidad   
    Buscar 191973 Descripciones CVE y
86218 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.1140113
Categoría:Citrix Xenserver Local Security Checks
Título:Citrix XenServer Multiple Security Updates (CTX219378)
Resumen:Security vulnerabilities have been identified in Citrix XenServer that may allow malicious; code running within a guest VM to read a small part of hypervisor memory and allow privileged-mode code running within a guest; VM to hang or crash the host.
Descripción:Summary:
Security vulnerabilities have been identified in Citrix XenServer that may allow malicious
code running within a guest VM to read a small part of hypervisor memory and allow privileged-mode code running within a guest
VM to hang or crash the host.

Vulnerability Insight:
The following vulnerabilities have been addressed:

- CVE-2016-9932 (Low): x86 CMPXCHG8B emulation fails to ignore operand size override

- CVE-2016-10024 (Medium): x86 PV guests may be able to mask interrupts

- CVE-2016-10025 (Low): missing NULL pointer check in VMFUNC emulation

Affected Software/OS:
These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 7.0.

Solution:
Apply the hotfix referenced in the advisory.

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-9932
BugTraq ID: 94863
http://www.securityfocus.com/bid/94863
Debian Security Information: DSA-3847 (Google Search)
http://www.debian.org/security/2017/dsa-3847
https://security.gentoo.org/glsa/201612-56
http://www.securitytracker.com/id/1037468
CopyrightCopyright (C) 2017 Greenbone Networks GmbH

Esta es sólo una de 86218 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2020 E-Soft Inc. Todos los derechos reservados.