Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2008-0892)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.122553

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2008-0892)

Resumen: The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2008-0892 advisory.

Descripción: Summary:
The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2008-0892 advisory.

Vulnerability Insight:
[3.0.3-64.el5_2.3]
- Fix overflow in qemu-img (rhbz #454651)

[3.0.3-64.el5_2.2]
- Correctly limit PVFB size CVE-2008-1952 (rhbz #447760)
- Disable QEMU USB disk image format auto-detection CVE-2008-1945 (rhbz #445845)

Affected Software/OS:
'xen' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
2.1

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-1945
1020959
http://www.securitytracker.com/id?1020959
30604
http://www.securityfocus.com/bid/30604
32063
http://secunia.com/advisories/32063
32088
http://secunia.com/advisories/32088
34642
http://secunia.com/advisories/34642
35031
http://secunia.com/advisories/35031
35062
http://secunia.com/advisories/35062
DSA-1799
http://www.debian.org/security/2009/dsa-1799
MDVSA-2008:162
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162
RHSA-2008:0892
https://rhn.redhat.com/errata/RHSA-2008-0892.html
SUSE-SR:2009:008
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
USN-776-1
http://www.ubuntu.com/usn/usn-776-1
oval:org.mitre.oval:def:9905
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9905
qemu-image-security-bypass(44269)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44269
Common Vulnerability Exposure (CVE) ID: CVE-2008-1952
1020957
http://www.securitytracker.com/id?1020957
30646
http://www.securityfocus.com/bid/30646
[Xen-devel] 20080521 [PATCH] ioemu: Fix PVFB backend to limit frame buffer size
http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00421.html
[oss-security] 20080521 New Xen ioemu: PVFB backend issue
http://www.openwall.com/lists/oss-security/2008/05/21/9
http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb30cec385bdca7305bcf7db096721
oval:org.mitre.oval:def:11189
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11189
xen-pvfb-ioemu-dos(43362)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43362

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.122553
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0892)
Resumen:	The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2008-0892 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2008-0892 advisory. Vulnerability Insight: [3.0.3-64.el5_2.3] - Fix overflow in qemu-img (rhbz #454651) [3.0.3-64.el5_2.2] - Correctly limit PVFB size CVE-2008-1952 (rhbz #447760) - Disable QEMU USB disk image format auto-detection CVE-2008-1945 (rhbz #445845) Affected Software/OS: 'xen' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-1945 1020959 http://www.securitytracker.com/id?1020959 30604 http://www.securityfocus.com/bid/30604 32063 http://secunia.com/advisories/32063 32088 http://secunia.com/advisories/32088 34642 http://secunia.com/advisories/34642 35031 http://secunia.com/advisories/35031 35062 http://secunia.com/advisories/35062 DSA-1799 http://www.debian.org/security/2009/dsa-1799 MDVSA-2008:162 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 RHSA-2008:0892 https://rhn.redhat.com/errata/RHSA-2008-0892.html SUSE-SR:2009:008 http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html USN-776-1 http://www.ubuntu.com/usn/usn-776-1 oval:org.mitre.oval:def:9905 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9905 qemu-image-security-bypass(44269) https://exchange.xforce.ibmcloud.com/vulnerabilities/44269 Common Vulnerability Exposure (CVE) ID: CVE-2008-1952 1020957 http://www.securitytracker.com/id?1020957 30646 http://www.securityfocus.com/bid/30646 [Xen-devel] 20080521 [PATCH] ioemu: Fix PVFB backend to limit frame buffer size http://lists.xensource.com/archives/html/xen-devel/2008-05/msg00421.html [oss-security] 20080521 New Xen ioemu: PVFB backend issue http://www.openwall.com/lists/oss-security/2008/05/21/9 http://xenbits.xensource.com/xen-unstable.hg?rev/9044705960cb30cec385bdca7305bcf7db096721 oval:org.mitre.oval:def:11189 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11189 xen-pvfb-ioemu-dos(43362) https://exchange.xforce.ibmcloud.com/vulnerabilities/43362
Copyright	Copyright (C) 2015 Greenbone AG