Test Kennung:	1.3.6.1.4.1.25623.1.0.106915
Kategorie:	Citrix Xenserver Local Security Checks
Titel:	Citrix XenServer Multiple Security Updates (CTX224740)
Zusammenfassung:	A number of security issues have been identified within Citrix XenServer.
Beschreibung:	Summary: A number of security issues have been identified within Citrix XenServer. Vulnerability Insight: The following vulnerabilities have been addressed: - CVE-2017-10920, CVE-2017-10921, CVE-2017-10922 (High): Grant table operations mishandle reference counts. - CVE-2017-10918 (High): Stale P1M mappings due to insufficient error checking. - CVE-2017-10912 (Medium): Page transfer may allow PV guest to elevate privilege. - CVE-2017-10913, CVE-2017-10914 (Medium): Races in the grant table unmap code. - CVE-2017-10915 (Medium): x85: insufficient reference counts during shadow emulation. - CVE-2017-10917 (Medium): NULL pointer deref in event channel poll. - CVE-2017-10911 (Low): blkif responses leak backend stack data. Vulnerability Impact: These issues could, if exploited, allow a malicious administrator of a guest VM to compromise the host. Affected Software/OS: XenServer versions 7.2, 7.1, 7.0, 6.5, 6.2.0, 6.0.2. Solution: Apply the hotfix referenced in the advisory. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2017-10911 BugTraq ID: 99162 http://www.securityfocus.com/bid/99162 Debian Security Information: DSA-3920 (Google Search) http://www.debian.org/security/2017/dsa-3920 Debian Security Information: DSA-3927 (Google Search) http://www.debian.org/security/2017/dsa-3927 Debian Security Information: DSA-3945 (Google Search) http://www.debian.org/security/2017/dsa-3945 https://security.gentoo.org/glsa/201708-03 https://lists.debian.org/debian-lts-announce/2018/09/msg00007.html http://www.securitytracker.com/id/1038720 Common Vulnerability Exposure (CVE) ID: CVE-2017-10912 BugTraq ID: 99158 http://www.securityfocus.com/bid/99158 Debian Security Information: DSA-3969 (Google Search) http://www.debian.org/security/2017/dsa-3969 https://security.gentoo.org/glsa/201710-17 http://www.securitytracker.com/id/1038721 Common Vulnerability Exposure (CVE) ID: CVE-2017-10913 BugTraq ID: 99411 http://www.securityfocus.com/bid/99411 http://www.securitytracker.com/id/1038722 Common Vulnerability Exposure (CVE) ID: CVE-2017-10914 Common Vulnerability Exposure (CVE) ID: CVE-2017-10915 BugTraq ID: 99174 http://www.securityfocus.com/bid/99174 Common Vulnerability Exposure (CVE) ID: CVE-2017-10917 BugTraq ID: 99157 http://www.securityfocus.com/bid/99157 http://www.securitytracker.com/id/1038731 Common Vulnerability Exposure (CVE) ID: CVE-2017-10918 BugTraq ID: 99161 http://www.securityfocus.com/bid/99161 http://www.securitytracker.com/id/1038732 Common Vulnerability Exposure (CVE) ID: CVE-2017-10920 http://www.securitytracker.com/id/1038734 Common Vulnerability Exposure (CVE) ID: CVE-2017-10921 Common Vulnerability Exposure (CVE) ID: CVE-2017-10922
Copyright	Copyright (C) 2017 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.