NASLDB: SuSE Security Update: xen-201004 (2010-02-20)
General
ID: 50966
Name: SuSE Security Update: xen-201004 (2010-02-20)
Summary: Check for the xen-201004 package
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –
Port: 0
Family: SuSE Local Security Checks
Type: –
Description
Collective Xen/201004 Update, containing fixes for the following issues:
bnc#576832 – pygrub, reiserfs: Fix on-disk structure definition
bnc#537370 – Xen on SLES 11 does not boot – endless loop in ATA detection
bnc#561912 – xend leaks memory
bnc#564750 – Keyboard Caps Lock key works abnormal under SLES11 xen guest OS.
bnc#548443 – keymap setting not preserved
bnc#555152 – ‘NAME’ column in xentop (SLES11) output limited to 10 characters unlike SLES10
bnc#553631 – L3: diskpart will not run on windows 2008
bnc#548852 – DL585G2 – plug-in PCI cards fail in IO-APIC mode
bnc#529195 – xend: disallow ! as a sxp separator
bnc#550397 – xend: bootable flag of VBD not always of type int
bnc#545470 – Xen vifname parameter is ignored when using type=ioemu in guest configuration file
bnc#541945 – xm create -x command does not work in SLES 10 SP2 or SLES 11
bnc#542525 – xen pygrub vulnerability (CVE-2009-3525)
bnc#481592 and fate#306125 – Virtual machines are not able to boot from CD to allow upgrade to OES2SP1 (sle10 bug)
bnc#553633 – Update breaks menu access keys in virt-viewer and still misses some key sequences. (sle10 bug)
fate#306720: xen: virt-manager cdrom handling.
bnc#547590 – L3: virt-manager is unable of displaying VNC console on remote hosts
bnc#572691 – libvird segfaults when trying to create a kvm guest
bnc#573748 – L3: Virsh gives error Device 51712 not connected after updating libvirt modules
bnc#548438 – libcmpiutil / libvirt-cim does not properly handle CIM_ prefixed
bnc#513921: Xen doesn’t work get an eror when starting the install processes or starting a pervious installed DomU
bnc#526855: Cannot set MAC address for PV guest in vm-install
Exploiting
Exploit Available: –
Exploitability Ease: –
Sources
CVE: CVE-2009-3525
OSVDB: –
Bugtraq: –
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: –
Plugin Release: 2010/12/02
Plugin
Version: 1.2
Filename: suse_11_xen-201004-100220.nasl
Filesize: 8900 bytes
MD5 Hash: 1533b11dc13ad315a42ec847cf51663c
Identification: Host/SuSE/rpm-list
Require Keys: Host/SuSE/rpm-list
Dependencies: "ssh_get_info.nasl"
Copyright: This script is Copyright© 2010-2011 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack