Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.1.4.2013.1314.1 |
Categoría: | SuSE Local Security Checks |
Título: | SUSE: Security Advisory (SUSE-SU-2013:1314-1) |
Resumen: | The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2013:1314-1 advisory. |
Descripción: | Summary: The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2013:1314-1 advisory. Vulnerability Insight: The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various bugs and security issues: The following security issues have been addressed: * CVE-2013-2194: Various integer overflows in the ELF loader were fixed. (XSA-55) * CVE-2013-2195: Various pointer dereferences issues in the ELF loader were fixed. (XSA-55) * CVE-2013-2196: Various other problems in the ELF loader were fixed. (XSA-55) * CVE-2013-2078: A Hypervisor crash due to missing exception recovery on XSETBV was fixed. (XSA-54) * CVE-2013-2077: A Hypervisor crash due to missing exception recovery on XRSTOR was fixed. (XSA-53) * CVE-2013-2211: libxl allowed guest write access to sensitive console related xenstore keys. (XSA-57) * CVE-2013-2076: An information leak on XSAVE/XRSTOR capable AMD CPUs (XSA-52) was fixed, where parts of this state could leak to other VMs. Also the following bugs have been fixed: * performance issues in mirror lvm (bnc#801663) * aacraid driver panics mapping INT A when booting kernel-xen (bnc#808085) * Fully Virtualized Windows VM install failed on Ivy Bridge platforms with Xen kernel (bnc#808269) * Did not boot with i915 graphics controller with VT-d enabled (bnc#817210) Security Issue references: * CVE-2013-2194 > * CVE-2013-2195 > * CVE-2013-2196 > Affected Software/OS: 'Xen' package(s) on SUSE Linux Enterprise Desktop 11 SP3, SUSE Linux Enterprise Server 11 SP3, SUSE Linux Enterprise Software Development Kit 11 SP3. Solution: Please install the updated package(s). CVSS Score: 7.4 CVSS Vector: AV:A/AC:M/Au:S/C:C/I:C/A:C |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-2076 Debian Security Information: DSA-3006 (Google Search) http://www.debian.org/security/2014/dsa-3006 http://security.gentoo.org/glsa/glsa-201309-24.xml http://www.openwall.com/lists/oss-security/2013/06/03/1 http://secunia.com/advisories/55082 SuSE Security Announcement: SUSE-SU-2014:0446 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00021.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2077 http://www.openwall.com/lists/oss-security/2013/06/03/2 Common Vulnerability Exposure (CVE) ID: CVE-2013-2078 http://www.openwall.com/lists/oss-security/2013/06/03/3 http://www.securitytracker.com/id/1028613 Common Vulnerability Exposure (CVE) ID: CVE-2013-2194 http://www.openwall.com/lists/oss-security/2013/06/20/2 http://www.openwall.com/lists/oss-security/2013/06/20/4 SuSE Security Announcement: SUSE-SU-2014:0411 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00015.html SuSE Security Announcement: SUSE-SU-2014:0470 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00000.html Common Vulnerability Exposure (CVE) ID: CVE-2013-2195 Common Vulnerability Exposure (CVE) ID: CVE-2013-2196 Common Vulnerability Exposure (CVE) ID: CVE-2013-2211 http://www.openwall.com/lists/oss-security/2013/06/25/1 http://www.openwall.com/lists/oss-security/2013/06/26/4 |
Copyright | Copyright (C) 2021 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |