ID de Prueba:	1.3.6.1.4.1.25623.1.0.122592
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2008-0194)
Resumen:	The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2008-0194 advisory.
Descripción:	Summary: The remote host is missing an update for the 'xen' package(s) announced via the ELSA-2008-0194 advisory. Vulnerability Insight: [3.0.3-41.el5_1.5] - Disable QEMU image format auto-detection CVE-2008-2004 (rhbz #444700) [3.0.3-41.el5_1.4] - Fix PVFB to validate frame buffer description (rhbz #443376) - Fix PVFB to cope with bogus update requests (rhbz #368931) [3.0.3-41.el5_1.3] - Fix QEMU buffer overflow CVE-2007-5730 (rhbz #360381) - Fix QEMU block device extents checking CVE-2008-0928 (rhbz #433560) [3.0.3-41.el5_1.2] - Fix FV O_DIRECT flushing (rhbz #435495) [3.0.3-41.el5_1.1] - Fixed xenbaked tmpfile flaw (CVE-2007-3919) (rhbz #350421) Affected Software/OS: 'xen' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2007-3919 BugTraq ID: 26190 http://www.securityfocus.com/bid/26190 Debian Security Information: DSA-1395 (Google Search) http://www.debian.org/security/2007/dsa-1395 https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00075.html http://www.mandriva.com/security/advisories?name=MDKSA-2007:203 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=447795 http://osvdb.org/41342 http://osvdb.org/41343 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9913 http://www.redhat.com/support/errata/RHSA-2008-0194.html http://www.securitytracker.com/id?1018859 http://secunia.com/advisories/27389 http://secunia.com/advisories/27408 http://secunia.com/advisories/27486 http://secunia.com/advisories/27497 http://secunia.com/advisories/29963 http://www.vupen.com/english/advisories/2007/3621 XForce ISS Database: xen-xenqshm-symlink(37403) https://exchange.xforce.ibmcloud.com/vulnerabilities/37403 Common Vulnerability Exposure (CVE) ID: CVE-2007-5730 BugTraq ID: 23731 http://www.securityfocus.com/bid/23731 Debian Security Information: DSA-1284 (Google Search) http://www.debian.org/security/2007/dsa-1284 http://www.mandriva.com/security/advisories?name=MDVSA-2008:162 http://taviso.decsystem.org/virtsec.pdf http://osvdb.org/42985 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10000 http://secunia.com/advisories/25073 http://secunia.com/advisories/25095 http://secunia.com/advisories/29129 http://www.attrition.org/pipermail/vim/2007-October/001842.html http://www.vupen.com/english/advisories/2007/1597 XForce ISS Database: qemu-net-socket-bo(38239) https://exchange.xforce.ibmcloud.com/vulnerabilities/38239 Common Vulnerability Exposure (CVE) ID: CVE-2008-0928 BugTraq ID: 28001 http://www.securityfocus.com/bid/28001 Debian Security Information: DSA-1799 (Google Search) http://www.debian.org/security/2009/dsa-1799 http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00830.html http://www.redhat.com/archives/fedora-package-announce/2008-February/msg00850.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00852.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00857.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00900.html https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00957.html http://www.mandriva.com/security/advisories?name=MDVSA-2009:016 http://marc.info/?l=debian-security&m=120343592917055&w=2 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9706 http://secunia.com/advisories/29081 http://secunia.com/advisories/29136 http://secunia.com/advisories/29172 http://secunia.com/advisories/34642 http://secunia.com/advisories/35031 SuSE Security Announcement: SUSE-SR:2009:008 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2008-1943 1020008 http://www.securitytracker.com/id?1020008 29183 http://www.securityfocus.com/bid/29183 29963 30781 http://secunia.com/advisories/30781 ADV-2008-1900 http://www.vupen.com/english/advisories/2008/1900/references RHSA-2008:0194 https://bugzilla.redhat.com/show_bug.cgi?id=443078 oval:org.mitre.oval:def:10338 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10338 xen-pvfb-description-dos(42387) https://exchange.xforce.ibmcloud.com/vulnerabilities/42387 Common Vulnerability Exposure (CVE) ID: CVE-2008-1944 1020009 http://www.securitytracker.com/id?1020009 29186 http://www.securityfocus.com/bid/29186 https://bugzilla.redhat.com/show_bug.cgi?id=443390 oval:org.mitre.oval:def:10868 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10868 xen-pvfb-message-dos(42388) https://exchange.xforce.ibmcloud.com/vulnerabilities/42388 Common Vulnerability Exposure (CVE) ID: CVE-2008-2004 BugTraq ID: 29101 http://www.securityfocus.com/bid/29101 http://lists.gnu.org/archive/html/qemu-devel/2008-04/msg00675.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11021 http://secunia.com/advisories/30111 http://secunia.com/advisories/30717 http://secunia.com/advisories/35062 SuSE Security Announcement: SUSE-SR:2008:013 (Google Search) http://www.novell.com/linux/security/advisories/2008_13_sr.html http://www.ubuntu.com/usn/usn-776-1 XForce ISS Database: qemu-driveinit-security-bypass(42268) https://exchange.xforce.ibmcloud.com/vulnerabilities/42268
Copyright	Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.