
Test ID: 1.3.6.1.4.1.25623.1.0.140173
Category: Citrix Xenserver Local Security Checks
Title: Citrix XenServer Multiple Security Updates (CTX220771)
Summary: Two security issues have been identified within Citrix XenServer.
Description:
Summary:
Two security issues have been identified within Citrix XenServer.

Vulnerability Insight:
The following vulnerabilities have been addressed:

- CVE-2017-2615 (High): QEMU: oob access in cirrus bitblt copy

- CVE-2017-2620 (High): QEMU: cirrus_bitblt_cputovideo does not check if memory region is safe.

Customers using only PV guest VMs are not affected by this vulnerability.

Customers using only VMs that use the std-vga graphics emulation are not affected by this vulnerability.

Vulnerability Impact:
These issues could, if exploited, allow the administrator of an HVM guest VM to compromise the host.

Affected Software/OS:
XenServer 7.0

XenServer 6.5

XenServer 6.2.0

XenServer 6.0.2

Solution:
Apply the hotfix referenced in the advisory.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross Reference:
Common Vulnerability Exposure (CVE) ID: CVE-2017-2615
BugTraq ID: 95990
http://www.securityfocus.com/bid/95990
https://security.gentoo.org/glsa/201702-27
https://security.gentoo.org/glsa/201702-28
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
http://www.openwall.com/lists/oss-security/2017/02/01/6
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg00015.html
RedHat Security Advisories: RHSA-2017:0309
http://rhn.redhat.com/errata/RHSA-2017-0309.html
RedHat Security Advisories: RHSA-2017:0328
http://rhn.redhat.com/errata/RHSA-2017-0328.html
RedHat Security Advisories: RHSA-2017:0329
http://rhn.redhat.com/errata/RHSA-2017-0329.html
RedHat Security Advisories: RHSA-2017:0330
http://rhn.redhat.com/errata/RHSA-2017-0330.html
RedHat Security Advisories: RHSA-2017:0331
http://rhn.redhat.com/errata/RHSA-2017-0331.html
RedHat Security Advisories: RHSA-2017:0332
http://rhn.redhat.com/errata/RHSA-2017-0332.html
RedHat Security Advisories: RHSA-2017:0333
http://rhn.redhat.com/errata/RHSA-2017-0333.html
RedHat Security Advisories: RHSA-2017:0334
http://rhn.redhat.com/errata/RHSA-2017-0334.html
RedHat Security Advisories: RHSA-2017:0344
http://rhn.redhat.com/errata/RHSA-2017-0344.html
RedHat Security Advisories: RHSA-2017:0350
http://rhn.redhat.com/errata/RHSA-2017-0350.html
RedHat Security Advisories: RHSA-2017:0396
http://rhn.redhat.com/errata/RHSA-2017-0396.html
RedHat Security Advisories: RHSA-2017:0454
http://rhn.redhat.com/errata/RHSA-2017-0454.html
http://www.securitytracker.com/id/1037804
Common Vulnerability Exposure (CVE) ID: CVE-2017-2620
BugTraq ID: 96378
http://www.securityfocus.com/bid/96378
https://security.gentoo.org/glsa/201703-07
https://security.gentoo.org/glsa/201704-01
https://lists.debian.org/debian-lts-announce/2018/02/msg00005.html
http://www.openwall.com/lists/oss-security/2017/02/21/1
https://lists.gnu.org/archive/html/qemu-devel/2017-02/msg04700.html
RedHat Security Advisories: RHSA-2017:0351
http://rhn.redhat.com/errata/RHSA-2017-0351.html
RedHat Security Advisories: RHSA-2017:0352
http://rhn.redhat.com/errata/RHSA-2017-0352.html
http://www.securitytracker.com/id/1037870
Copyright: Copyright (C) 2017 Greenbone Networks GmbH

© 1998-2020 E-Soft Inc. All rights reserved.