Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2009-0003)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122532

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2009-0003)

Resumen: The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2009-0003 advisory.

Descripción: Summary:
The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2009-0003 advisory.

Vulnerability Insight:
[3.0.3-64.el5_2.9]
- More fixes for Xenstore unsafe data access (CVE-2008-4405, rhbz #464817)
- Fix block-detach regression due to (CVE-2008-4405, rhbz #473882)

[3.0.3-64.el5_2.8]
- Remove unnecessary patch & rebuild

[3.0.3-64.el5_2.7]
- Fix reboots after CVE-2008-4405 changes (rhbz #471588)

[3.0.3-64.el5_2.6]
- Remove qemu-dm.debug wrapper script (CVE-2008-4993, rhbz #470795)

[3.0.3-64.el5_2.5]
- Fix unsafe use of xenstore data (CVE-2008-4405, rhbz #464817)

[3.0.3-64.el5_2.4]
- Don't clobber wallclock on restore (rhbz #464455)

Affected Software/OS:
'xen' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-4405
BugTraq ID: 31499
http://www.securityfocus.com/bid/31499
http://www.mandriva.com/security/advisories?name=MDVSA-2009:016
http://openwall.com/lists/oss-security/2008/09/30/6
http://www.openwall.com/lists/oss-security/2008/10/04/3
http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html
http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627
http://www.redhat.com/support/errata/RHSA-2009-0003.html
http://www.securitytracker.com/id?1020955
http://secunia.com/advisories/32064
SuSE Security Announcement: SUSE-SR:2009:015 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html
http://www.vupen.com/english/advisories/2008/2709
Common Vulnerability Exposure (CVE) ID: CVE-2008-4993
http://www.openwall.com/lists/oss-security/2008/10/30/2
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9576
XForce ISS Database: xen-qemudm-symlink(46545)
https://exchange.xforce.ibmcloud.com/vulnerabilities/46545

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122532
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2009-0003)
Resumen:	The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2009-0003 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2009-0003 advisory. Vulnerability Insight: [3.0.3-64.el5_2.9] - More fixes for Xenstore unsafe data access (CVE-2008-4405, rhbz #464817) - Fix block-detach regression due to (CVE-2008-4405, rhbz #473882) [3.0.3-64.el5_2.8] - Remove unnecessary patch & rebuild [3.0.3-64.el5_2.7] - Fix reboots after CVE-2008-4405 changes (rhbz #471588) [3.0.3-64.el5_2.6] - Remove qemu-dm.debug wrapper script (CVE-2008-4993, rhbz #470795) [3.0.3-64.el5_2.5] - Fix unsafe use of xenstore data (CVE-2008-4405, rhbz #464817) [3.0.3-64.el5_2.4] - Don't clobber wallclock on restore (rhbz #464455) Affected Software/OS: 'xen' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4405 BugTraq ID: 31499 http://www.securityfocus.com/bid/31499 http://www.mandriva.com/security/advisories?name=MDVSA-2009:016 http://openwall.com/lists/oss-security/2008/09/30/6 http://www.openwall.com/lists/oss-security/2008/10/04/3 http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10627 http://www.redhat.com/support/errata/RHSA-2009-0003.html http://www.securitytracker.com/id?1020955 http://secunia.com/advisories/32064 SuSE Security Announcement: SUSE-SR:2009:015 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://www.vupen.com/english/advisories/2008/2709 Common Vulnerability Exposure (CVE) ID: CVE-2008-4993 http://www.openwall.com/lists/oss-security/2008/10/30/2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9576 XForce ISS Database: xen-qemudm-symlink(46545) https://exchange.xforce.ibmcloud.com/vulnerabilities/46545
Copyright	Copyright (C) 2015 Greenbone AG