English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.850619
Kategorie:SuSE Local Security Checks
Titel:openSUSE: Security Advisory for xen (openSUSE-SU-2014:1279-1)
Zusammenfassung:The remote host is missing an update for the 'xen'; package(s) announced via the referenced advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'xen'
package(s) announced via the referenced advisory.

Vulnerability Insight:
XEN was updated to fix various bugs and security issues.

Security issues fixed:

- bnc#897657 - CVE-2014-7188: XSA-108 Improper MSR range used for x2APIC
emulation

- bnc#895802 - CVE-2014-7156: XSA-106: Missing privilege level checks in
x86 emulation of software interrupts

- bnc#895799 - CVE-2014-7155: XSA-105: Missing privilege level checks in
x86 HLT, LGDT, LIDT, and LMSW emulation

- bnc#895798 - CVE-2014-7154: XSA-104: Race condition in
HVMOP_track_dirty_vram

- bnc#864801 - CVE-2013-4540: qemu: zaurus: buffer overrun on invalid
state load

- bnc#880751 - CVE-2014-4021: XSA-100: Hypervisor heap contents leaked to
guests

- bnc#878841 - CVE-2014-3967, CVE-2014-3968: XSA-96: Vulnerabilities in HVM
MSI injection

- bnc#867910 - CVE-2014-2599: XSA-89: HVMOP_set_mem_access is not
preemptible

- bnc#842006 - CVE-2013-4344: XSA-65: xen: qemu SCSI REPORT LUNS buffer
overflow

Other bugs fixed:

- bnc#896023 - Adjust xentop column layout

- bnc#891539 - xend: fix netif convertToDeviceNumber for running domains

- bnc#820873 - The 'long' option doesn't work with 'xl list'

- bnc#881900 - XEN kernel panic do_device_not_available()

- bnc#833483 - Boot Failure with xen kernel in UEFI mode with error 'No
memory for trampoline'

- bnc#862608 - SLES 11 SP3 vm-install should get RHEL 7 support when
released

- bnc#858178 - [HP HPS Bug]: SLES11sp3 XEN kiso version cause softlockup
on 8 blades npar(480 cpu)

- bnc#865682 - Local attach support for PHY backends using scripts

- bnc#798770 - Improve multipath support for npiv devices

Affected Software/OS:
xen on openSUSE 12.3

Solution:
Please install the updated package(s).

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-4344
BugTraq ID: 62773
http://www.securityfocus.com/bid/62773
http://www.openwall.com/lists/oss-security/2013/10/02/2
http://article.gmane.org/gmane.comp.emulators.qemu/237191
http://osvdb.org/98028
RedHat Security Advisories: RHSA-2013:1553
http://rhn.redhat.com/errata/RHSA-2013-1553.html
RedHat Security Advisories: RHSA-2013:1754
http://rhn.redhat.com/errata/RHSA-2013-1754.html
SuSE Security Announcement: openSUSE-SU-2014:1279 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
SuSE Security Announcement: openSUSE-SU-2014:1281 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
http://www.ubuntu.com/usn/USN-2092-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-4540
http://lists.fedoraproject.org/pipermail/package-announce/2014-May/133345.html
http://lists.gnu.org/archive/html/qemu-devel/2013-12/msg00394.html
http://lists.nongnu.org/archive/html/qemu-stable/2014-07/msg00187.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-2599
BugTraq ID: 66407
http://www.securityfocus.com/bid/66407
Debian Security Information: DSA-3006 (Google Search)
http://www.debian.org/security/2014/dsa-3006
http://security.gentoo.org/glsa/glsa-201407-03.xml
http://www.openwall.com/lists/oss-security/2014/03/25/2
http://www.openwall.com/lists/oss-security/2014/03/25/1
http://www.securitytracker.com/id/1029956
Common Vulnerability Exposure (CVE) ID: CVE-2014-3967
BugTraq ID: 67794
http://www.securityfocus.com/bid/67794
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134739.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-June/134710.html
https://security.gentoo.org/glsa/201504-04
http://www.openwall.com/lists/oss-security/2014/06/04/13
http://www.securitytracker.com/id/1030322
Common Vulnerability Exposure (CVE) ID: CVE-2014-3968
BugTraq ID: 67824
http://www.securityfocus.com/bid/67824
Common Vulnerability Exposure (CVE) ID: CVE-2014-4021
BugTraq ID: 68070
http://www.securityfocus.com/bid/68070
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html
http://www.securitytracker.com/id/1030442
http://secunia.com/advisories/59208
http://secunia.com/advisories/60027
http://secunia.com/advisories/60130
http://secunia.com/advisories/60471
Common Vulnerability Exposure (CVE) ID: CVE-2014-7154
Debian Security Information: DSA-3041 (Google Search)
http://www.debian.org/security/2014/dsa-3041
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140483.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140418.html
http://security.gentoo.org/glsa/glsa-201412-42.xml
http://www.securitytracker.com/id/1030887
http://secunia.com/advisories/61501
http://secunia.com/advisories/61890
Common Vulnerability Exposure (CVE) ID: CVE-2014-7155
BugTraq ID: 70057
http://www.securityfocus.com/bid/70057
http://www.securitytracker.com/id/1030888
http://secunia.com/advisories/61858
Common Vulnerability Exposure (CVE) ID: CVE-2014-7156
BugTraq ID: 70062
http://www.securityfocus.com/bid/70062
http://www.securitytracker.com/id/1030889
http://secunia.com/advisories/61500
Common Vulnerability Exposure (CVE) ID: CVE-2014-7188
BugTraq ID: 70198
http://www.securityfocus.com/bid/70198
http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140199.html
http://www.c7zero.info/stuff/csw2017_ExploringYourSystemDeeper_updated.pdf
http://www.securitytracker.com/id/1030936
http://secunia.com/advisories/61664
XForce ISS Database: xen-cve20147188-dos(96785)
https://exchange.xforce.ibmcloud.com/vulnerabilities/96785
CopyrightCopyright (C) 2014 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.