Debian DSA-2531-1 : xen - Denial of Service

NASLDB: Debian DSA-2531-1 : xen - Denial of Service

General

ID: 61578
Name: Debian DSA-2531-1 : xen – Denial of Service

Summary: Checks dpkg output for the updated package

Credits: –

Classification

Risk: –

CVSS: –
CVSS Base Vector: –
CVSS Temporal Vector: –

Port: 0
Family: Debian Local Security Checks
Type: Local

Description

Several denial-of-service vulnerabilities have been discovered in Xen,
the popular virtualization software. The Common Vulnerabilities and
Exposures project identifies the following issues :

– CVE-2012-3432
Guest mode unprivileged code, which has been granted the
privilege to access MMIO regions, may leverage that
access to crash the whole guest. Since this can be used
to crash a client from within, this vulnerability is
considered to have low impact.

– CVE-2012-3433
A guest kernel can cause the host to become unresponsive
for a period of time, potentially leading to a DoS.
Since an attacker with full control in the guest can
impact the host, this vulnerability is considered to
have high impact.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2012-3432
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2012/08/18
Plugin Release: 2012/08/20

Plugin

Version: 1.1
Filename: debian_DSA-2531.nasl
Filesize: 3576 bytes
MD5 Hash: daa03fe1bc3633200d9d544cf5059724

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG