Citrix Xenserver Local Security Checks : Citrix XenServer Multiple Security Updates (CTX140984)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.105145

Categoría: Citrix Xenserver Local Security Checks

Título: Citrix XenServer Multiple Security Updates (CTX140984)

Resumen: A number of security vulnerabilities have been identified in Citrix XenServer.; These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix; XenServer 6.2 Service Pack 1.

Descripción: Summary:
A number of security vulnerabilities have been identified in Citrix XenServer.
These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix
XenServer 6.2 Service Pack 1.

Vulnerability Insight:
The following vulnerabilities have been addressed:

- CVE-2014-4021: Citrix XenServer potential guest information leak through hypervisor page reuse

- CVE-2014-4947: Buffer overflow in Citrix XenServer HVM graphics console support

- CVE-2014-4948: Citrix XenServer guest denial of service and information leak through guest VHD modification

Affected Software/OS:
Citrix XenServer 6.2 Service Pack 1

Citrix XenServer 6.1

Citrix XenServer 6.0.2

Citrix XenServer 6.0.0

Solution:
Apply the hotfix referenced in the advisory.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-4021
BugTraq ID: 68070
http://www.securityfocus.com/bid/68070
Debian Security Information: DSA-3006 (Google Search)
http://www.debian.org/security/2014/dsa-3006
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html
http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html
http://security.gentoo.org/glsa/glsa-201407-03.xml
http://www.securitytracker.com/id/1030442
http://secunia.com/advisories/59208
http://secunia.com/advisories/60027
http://secunia.com/advisories/60130
http://secunia.com/advisories/60471
SuSE Security Announcement: openSUSE-SU-2014:1279 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html
SuSE Security Announcement: openSUSE-SU-2014:1281 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html
Common Vulnerability Exposure (CVE) ID: CVE-2014-4947
BugTraq ID: 68659
http://www.securityfocus.com/bid/68659
http://www.securitytracker.com/id/1030604
XForce ISS Database: citrix-xenserver-cve20144947-bo(94631)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94631
Common Vulnerability Exposure (CVE) ID: CVE-2014-4948
BugTraq ID: 68660
http://www.securityfocus.com/bid/68660
XForce ISS Database: xenserver-cve20144948-dos(94632)
https://exchange.xforce.ibmcloud.com/vulnerabilities/94632

Copyright Copyright (C) 2014 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.105145
Categoría:	Citrix Xenserver Local Security Checks
Título:	Citrix XenServer Multiple Security Updates (CTX140984)
Resumen:	A number of security vulnerabilities have been identified in Citrix XenServer.; These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix; XenServer 6.2 Service Pack 1.
Descripción:	Summary: A number of security vulnerabilities have been identified in Citrix XenServer. These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.2 Service Pack 1. Vulnerability Insight: The following vulnerabilities have been addressed: - CVE-2014-4021: Citrix XenServer potential guest information leak through hypervisor page reuse - CVE-2014-4947: Buffer overflow in Citrix XenServer HVM graphics console support - CVE-2014-4948: Citrix XenServer guest denial of service and information leak through guest VHD modification Affected Software/OS: Citrix XenServer 6.2 Service Pack 1 Citrix XenServer 6.1 Citrix XenServer 6.0.2 Citrix XenServer 6.0.0 Solution: Apply the hotfix referenced in the advisory. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-4021 BugTraq ID: 68070 http://www.securityfocus.com/bid/68070 Debian Security Information: DSA-3006 (Google Search) http://www.debian.org/security/2014/dsa-3006 http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135071.html http://lists.fedoraproject.org/pipermail/package-announce/2014-July/135068.html http://security.gentoo.org/glsa/glsa-201407-03.xml http://www.securitytracker.com/id/1030442 http://secunia.com/advisories/59208 http://secunia.com/advisories/60027 http://secunia.com/advisories/60130 http://secunia.com/advisories/60471 SuSE Security Announcement: openSUSE-SU-2014:1279 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00002.html SuSE Security Announcement: openSUSE-SU-2014:1281 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00003.html Common Vulnerability Exposure (CVE) ID: CVE-2014-4947 BugTraq ID: 68659 http://www.securityfocus.com/bid/68659 http://www.securitytracker.com/id/1030604 XForce ISS Database: citrix-xenserver-cve20144947-bo(94631) https://exchange.xforce.ibmcloud.com/vulnerabilities/94631 Common Vulnerability Exposure (CVE) ID: CVE-2014-4948 BugTraq ID: 68660 http://www.securityfocus.com/bid/68660 XForce ISS Database: xenserver-cve20144948-dos(94632) https://exchange.xforce.ibmcloud.com/vulnerabilities/94632
Copyright	Copyright (C) 2014 Greenbone AG