
Test ID: 1.3.6.1.4.1.25623.1.0.851262
Category: SuSE Local Security Checks
Title: openSUSE: Security Advisory for xen (openSUSE-SU-2016:0914-1)
Summary: The remote host is missing an update for the 'xen' package(s) announced via the referenced advisory.
Description:

Vulnerability Insight:
xen was updated to fix 26 security issues.

These security issues were fixed:

- CVE-2013-4533: Buffer overflow in the pxa2xx_ssp_load function in
hw/arm/pxa2xx.c allowed remote attackers to cause a denial of service or
possibly execute arbitrary code via a crafted s->rx_level value in a
savevm image (bsc#864655).

- CVE-2013-4537: The ssi_sd_transfer function in hw/sd/ssi-sd.c allowed
remote attackers to execute arbitrary code via a crafted arglen value in
a savevm image (bsc#864391).

- CVE-2013-4538: Multiple buffer overflows in the ssd0323_load function in
hw/display/ssd0323.c allowed remote attackers to cause a denial of
service (memory corruption) or possibly execute arbitrary code via
crafted (1) cmd_len, (2) row, or (3) col values, (4) row_start and
row_end values, or (5) col_start and col_end values in a savevm image
(bsc#864769).

- CVE-2013-4539: Multiple buffer overflows in the tsc210x_load function in
hw/input/tsc210x.c might have allowed remote attackers to execute
arbitrary code via a crafted (1) precision, (2) nextprecision, (3)
function, or (4) nextfunction value in a savevm image (bsc#864805).

- CVE-2014-0222: Integer overflow in the qcow_open function in
block/qcow.c allowed remote attackers to cause a denial of service
(crash) via a large L2 table in a QCOW version 1 image (bsc#877642).

- CVE-2014-3689: The vmware-vga driver (hw/display/vmware_vga.c) allowed
local guest users to write to qemu memory locations and gain privileges
via unspecified parameters related to rectangle handling (bsc#901508).

- CVE-2014-7815: The set_pixel_format function in ui/vnc.c allowed remote
attackers to cause a denial of service (crash) via a small
bytes_per_pixel value (bsc#902737).

- CVE-2014-9718: The (1) BMDMA and (2) AHCI HBA interfaces in the IDE
functionality had multiple interpretations of a function's return value,
which allowed guest OS users to cause a host OS denial of service
(memory consumption or infinite loop, and system crash) via a PRDT with
zero complete sectors, related to the bmdma_prepare_buf and
ahci_dma_prepare_buf functions (bsc#928393).

- CVE-2015-1779: The VNC websocket frame decoder allowed remote attackers
to cause a denial of service (memory and CPU consumption) via a large
(1) websocket payload or (2) HTTP headers section (bsc#924018).

- CVE-2015-5278: Infinite loop in ne2000_receive() function (bsc#945989).

- CVE-2015-6855: hw/ide/core.c did not properly restrict the commands
accepted by an ATAPI device, which allowed guest users to cause a denial
of service or possibly have unspeci ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
xen on openSUSE Leap 42.1

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2013-4533
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-4537
Common Vulnerability Exposure (CVE) ID: CVE-2013-4538
Common Vulnerability Exposure (CVE) ID: CVE-2013-4539
Common Vulnerability Exposure (CVE) ID: CVE-2014-0222
BugTraq ID: 67357
http://www.securityfocus.com/bid/67357
Debian Security Information: DSA-3044
http://www.debian.org/security/2014/dsa-3044
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134053.html
https://lists.gnu.org/archive/html/qemu-devel/2014-05/msg02155.html
SuSE Security Announcement: SUSE-SU-2015:0929
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00021.html
SuSE Security Announcement: openSUSE-SU-2015:1965
http://lists.opensuse.org/opensuse-updates/2015-11/msg00063.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-3689
Debian Security Information: DSA-3066
http://www.debian.org/security/2014/dsa-3066
Debian Security Information: DSA-3067
http://www.debian.org/security/2014/dsa-3067
https://www.mail-archive.com/qemu-devel@nongnu.org/msg261580.html
http://www.osvdb.org/114397
http://secunia.com/advisories/60923
http://secunia.com/advisories/62143
http://secunia.com/advisories/62144
http://www.ubuntu.com/usn/USN-2409-1
Common Vulnerability Exposure (CVE) ID: CVE-2014-7815
RedHat Security Advisories: RHSA-2015:0349
http://rhn.redhat.com/errata/RHSA-2015-0349.html
RedHat Security Advisories: RHSA-2015:0624
http://rhn.redhat.com/errata/RHSA-2015-0624.html
http://secunia.com/advisories/61484
SuSE Security Announcement: SUSE-SU-2015:1782
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-9718
BugTraq ID: 73316
http://www.securityfocus.com/bid/73316
Debian Security Information: DSA-3259
http://www.debian.org/security/2015/dsa-3259
http://openwall.com/lists/oss-security/2015/04/20/7
Common Vulnerability Exposure (CVE) ID: CVE-2015-1779
BugTraq ID: 73303
http://www.securityfocus.com/bid/73303
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/154656.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155196.html
https://security.gentoo.org/glsa/201602-01
https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04894.html
https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04896.html
https://lists.gnu.org/archive/html/qemu-devel/2015-03/msg04895.html
http://www.openwall.com/lists/oss-security/2015/03/24/9
http://www.openwall.com/lists/oss-security/2015/04/09/6
RedHat Security Advisories: RHSA-2015:1931
http://rhn.redhat.com/errata/RHSA-2015-1931.html
RedHat Security Advisories: RHSA-2015:1943
http://rhn.redhat.com/errata/RHSA-2015-1943.html
http://www.securitytracker.com/id/1033975
SuSE Security Announcement: SUSE-SU-2015:0870
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00033.html
SuSE Security Announcement: SUSE-SU-2015:0896
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00042.html
http://www.ubuntu.com/usn/USN-2608-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5278
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168077.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168646.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168671.html
http://www.openwall.com/lists/oss-security/2015/09/15/2
http://www.ubuntu.com/usn/USN-2745-1
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg03985.html
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg05832.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-6855
BugTraq ID: 76691
http://www.securityfocus.com/bid/76691
Debian Security Information: DSA-3361
http://www.debian.org/security/2015/dsa-3361
Debian Security Information: DSA-3362
http://www.debian.org/security/2015/dsa-3362
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169039.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169036.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167369.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169327.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/168602.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169341.html
https://lists.gnu.org/archive/html/qemu-devel/2015-09/msg02479.html
http://www.openwall.com/lists/oss-security/2015/09/10/1
http://www.openwall.com/lists/oss-security/2015/09/10/2
Common Vulnerability Exposure (CVE) ID: CVE-2015-7512
BugTraq ID: 78230
http://www.securityfocus.com/bid/78230
Debian Security Information: DSA-3469
http://www.debian.org/security/2016/dsa-3469
Debian Security Information: DSA-3470
http://www.debian.org/security/2016/dsa-3470
Debian Security Information: DSA-3471
http://www.debian.org/security/2016/dsa-3471
http://www.openwall.com/lists/oss-security/2015/11/30/3
RedHat Security Advisories: RHSA-2015:2694
http://rhn.redhat.com/errata/RHSA-2015-2694.html
RedHat Security Advisories: RHSA-2015:2695
http://rhn.redhat.com/errata/RHSA-2015-2695.html
RedHat Security Advisories: RHSA-2015:2696
http://rhn.redhat.com/errata/RHSA-2015-2696.html
http://www.securitytracker.com/id/1034527
Common Vulnerability Exposure (CVE) ID: CVE-2015-8345
BugTraq ID: 77985
http://www.securityfocus.com/bid/77985
http://www.openwall.com/lists/oss-security/2015/11/25/11
https://lists.gnu.org/archive/html/qemu-devel/2015-10/msg03911.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8613
BugTraq ID: 79719
http://www.securityfocus.com/bid/79719
https://security.gentoo.org/glsa/201604-01
http://www.openwall.com/lists/oss-security/2015/12/22/1
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg03737.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8619
BugTraq ID: 79668
http://www.securityfocus.com/bid/79668
http://www.openwall.com/lists/oss-security/2015/12/23/1
https://lists.gnu.org/archive/html/qemu-devel/2015-12/msg02930.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8743
BugTraq ID: 79820
http://www.securityfocus.com/bid/79820
http://www.openwall.com/lists/oss-security/2016/01/04/1
http://www.openwall.com/lists/oss-security/2016/01/04/2
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00050.html
http://www.securitytracker.com/id/1034574
Common Vulnerability Exposure (CVE) ID: CVE-2015-8744
BugTraq ID: 79821
http://www.securityfocus.com/bid/79821
http://www.openwall.com/lists/oss-security/2016/01/04/3
http://www.openwall.com/lists/oss-security/2016/01/04/6
http://www.securitytracker.com/id/1034576
Common Vulnerability Exposure (CVE) ID: CVE-2015-8745
BugTraq ID: 79822
http://www.securityfocus.com/bid/79822
http://www.openwall.com/lists/oss-security/2016/01/04/4
http://www.openwall.com/lists/oss-security/2016/01/04/7
http://www.securitytracker.com/id/1034575
Common Vulnerability Exposure (CVE) ID: CVE-2016-1568
BugTraq ID: 80191
http://www.securityfocus.com/bid/80191
http://www.openwall.com/lists/oss-security/2016/01/09/1
http://www.openwall.com/lists/oss-security/2016/01/09/2
RedHat Security Advisories: RHSA-2016:0084
http://rhn.redhat.com/errata/RHSA-2016-0084.html
RedHat Security Advisories: RHSA-2016:0086
http://rhn.redhat.com/errata/RHSA-2016-0086.html
RedHat Security Advisories: RHSA-2016:0087
http://rhn.redhat.com/errata/RHSA-2016-0087.html
RedHat Security Advisories: RHSA-2016:0088
http://rhn.redhat.com/errata/RHSA-2016-0088.html
http://www.securitytracker.com/id/1034859
Common Vulnerability Exposure (CVE) ID: CVE-2016-1570
Debian Security Information: DSA-3519
http://www.debian.org/security/2016/dsa-3519
http://www.securitytracker.com/id/1034744
Common Vulnerability Exposure (CVE) ID: CVE-2016-1714
BugTraq ID: 80250
http://www.securityfocus.com/bid/80250
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg00428.html
http://www.openwall.com/lists/oss-security/2016/01/11/7
http://www.openwall.com/lists/oss-security/2016/01/12/10
http://www.openwall.com/lists/oss-security/2016/01/12/11
RedHat Security Advisories: RHSA-2016:0081
http://rhn.redhat.com/errata/RHSA-2016-0081.html
RedHat Security Advisories: RHSA-2016:0082
http://rhn.redhat.com/errata/RHSA-2016-0082.html
RedHat Security Advisories: RHSA-2016:0083
http://rhn.redhat.com/errata/RHSA-2016-0083.html
RedHat Security Advisories: RHSA-2016:0085
http://rhn.redhat.com/errata/RHSA-2016-0085.html
http://www.securitytracker.com/id/1034858
Common Vulnerability Exposure (CVE) ID: CVE-2016-1981
BugTraq ID: 81549
http://www.securityfocus.com/bid/81549
http://www.openwall.com/lists/oss-security/2016/01/19/10
http://www.openwall.com/lists/oss-security/2016/01/22/1
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03454.html
RedHat Security Advisories: RHSA-2016:2585
http://rhn.redhat.com/errata/RHSA-2016-2585.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2198
https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html
http://www.openwall.com/lists/oss-security/2016/01/29/6
http://www.openwall.com/lists/oss-security/2016/01/30/2
https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg05899.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2391
BugTraq ID: 83263
http://www.securityfocus.com/bid/83263
https://lists.debian.org/debian-lts-announce/2018/11/msg00038.html
http://www.openwall.com/lists/oss-security/2016/02/16/2
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03374.html
http://www.ubuntu.com/usn/USN-2974-1
Common Vulnerability Exposure (CVE) ID: CVE-2016-2392
BugTraq ID: 83274
http://www.securityfocus.com/bid/83274
http://www.openwall.com/lists/oss-security/2016/02/16/7
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg02553.html
http://lists.nongnu.org/archive/html/qemu-stable/2016-03/msg00064.html
Common Vulnerability Exposure (CVE) ID: CVE-2016-2538
BugTraq ID: 83336
http://www.securityfocus.com/bid/83336
http://www.openwall.com/lists/oss-security/2016/02/22/3
https://lists.gnu.org/archive/html/qemu-devel/2016-02/msg03658.html
Copyright: Copyright (C) 2016 Greenbone Networks GmbH
