Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.1.4.2013.1314.1 |
Kategorie: | SuSE Local Security Checks |
Titel: | SUSE: Security Advisory (SUSE-SU-2013:1314-1) |
Zusammenfassung: | The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2013:1314-1 advisory. |
Beschreibung: | Summary: The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2013:1314-1 advisory. Vulnerability Insight: The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various bugs and security issues: The following security issues have been addressed: * CVE-2013-2194: Various integer overflows in the ELF loader were fixed. (XSA-55) * CVE-2013-2195: Various pointer dereferences issues in the ELF loader were fixed. (XSA-55) * CVE-2013-2196: Various other problems in the ELF loader were fixed. (XSA-55) * CVE-2013-2078: A Hypervisor crash due to missing exception recovery on XSETBV was fixed. (XSA-54) * CVE-2013-2077: A Hypervisor crash due to missing exception recovery on XRSTOR was fixed. (XSA-53) * CVE-2013-2211: libxl allowed guest write access to sensitive console related xenstore keys. (XSA-57) * CVE-2013-2076: An information leak on XSAVE/XRSTOR capable AMD CPUs (XSA-52) was fixed, where parts of this state could leak to other VMs. Also the following bugs have been fixed: * performance issues in mirror lvm (bnc#801663) * aacraid driver panics mapping INT A when booting kernel-xen (bnc#808085) * Fully Virtualized Windows VM install failed on Ivy Bridge platforms with Xen kernel (bnc#808269) * Did not boot with i915 graphics controller with VT-d enabled (bnc#817210) Security Issue references: * CVE-2013-2194 > * CVE-2013-2195 > * CVE-2013-2196 > Affected Software/OS: 'Xen' package(s) on SUSE Linux Enterprise Desktop 11 SP3, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Software Development Kit 11 SP3. Solution: Please install the updated package(s). CVSS Score: 7.4 CVSS Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-2076 Debian Security Information: DSA-3006 (Google Search) http://www.debian.org/security/2014/dsa-3006 http://security.gentoo.org/glsa/glsa-201309-24.xml http://www.openwall.com/lists/oss-security/2013/06/03/1 http://secunia.com/advisories/55082 SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2077 http://www.openwall.com/lists/oss-security/2013/06/03/2 Common Vulnerability Exposure (CVE) ID: CVE-2013-2078 http://www.openwall.com/lists/oss-security/2013/06/03/3 http://www.securitytracker.com/id/1028613 Common Vulnerability Exposure (CVE) ID: CVE-2013-2194 http://www.openwall.com/lists/oss-security/2013/06/20/2 http://www.openwall.com/lists/oss-security/2013/06/20/4 SuSE Security Announcement: SUSE-SU-2014:0411 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html SuSE Security Announcement: SUSE-SU-2014:0470 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2195 Common Vulnerability Exposure (CVE) ID: CVE-2013-2196 Common Vulnerability Exposure (CVE) ID: CVE-2013-2211 http://www.openwall.com/lists/oss-security/2013/06/25/1 http://www.openwall.com/lists/oss-security/2013/06/26/4 |
Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |