English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.59609
Category:Fedora Local Security Checks
Title:Fedora Core 6 FEDORA-2007-713 (xen)
Summary:NOSUMMARY
Description:Description:

The remote host is missing an update to xen
announced via advisory FEDORA-2007-713.

This package contains the Xen hypervisor and Xen tools, needed to
run virtual machines on x86 systems, together with the kernel-xen*
packages. Information on how to use Xen can be found at the Xen
project pages.

Virtualisation can be used to run multiple versions or multiple
Linux distributions on one system, or to test untrusted applications
in a sandboxed environment.

Update Information:

Fixes a security flaw in pygrub handling of config files and
a denial-of-service case in ne2k NIC for QEMU.
* Wed Sep 26 2007 Chris Lalancette - 3.0.3-12.fc6
- QEmu cirrus bitblit bounds check - CVE-2007-1320 (rhbz #238723)
- QEmu NE2000 overflow check - CVE-2007-1321 (rhbz #238723)
- Pygrub guest escape - CVE-2007-4993
* Wed Aug 1 2007 Markus Armbruster - 3.0.3-11.fc6
- VNC keymap fixes
- Fix race conditions in LibVNCServer on client disconnect (bz 240012)
* Thu Jun 21 2007 Markus Armbruster - 3.0.3-10.fc6
- Create xend-debug.log with sane permissions (bz 219868)

Solution: Apply the appropriate updates.

This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.


http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2007-713

Risk factor : High

CVSS Score:
7.2

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2007-1320
BugTraq ID: 23731
http://www.securityfocus.com/bid/23731
Debian Security Information: DSA-1284 (Google Search)
http://www.debian.org/security/2007/dsa-1284
Debian Security Information: DSA-1384 (Google Search)
http://www.debian.org/security/2007/dsa-1384
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00082.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00706.html
https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00935.html
http://www.mandriva.com/security/advisories?name=MDKSA-2007:203
http://www.mandriva.com/security/advisories?name=MDVSA-2008:162
http://taviso.decsystem.org/virtsec.pdf
http://osvdb.org/35494
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10315
http://www.redhat.com/support/errata/RHSA-2007-0323.html
http://secunia.com/advisories/25073
http://secunia.com/advisories/25095
http://secunia.com/advisories/27047
http://secunia.com/advisories/27085
http://secunia.com/advisories/27103
http://secunia.com/advisories/27486
http://secunia.com/advisories/29129
http://secunia.com/advisories/30413
http://secunia.com/advisories/33568
SuSE Security Announcement: SUSE-SR:2009:002 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-01/msg00004.html
http://www.vupen.com/english/advisories/2007/1597
Common Vulnerability Exposure (CVE) ID: CVE-2007-1321
https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00030.html
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html
http://osvdb.org/35495
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9302
http://securitytracker.com/id?1018761
http://secunia.com/advisories/27072
http://www.attrition.org/pipermail/vim/2007-October/001842.html
Common Vulnerability Exposure (CVE) ID: CVE-2007-4993
20071008 rPSA-2007-0210-1 xen
http://www.securityfocus.com/archive/1/481825/100/0/threaded
25825
http://www.securityfocus.com/bid/25825
26986
http://secunia.com/advisories/26986
27047
27072
27085
27103
27141
http://secunia.com/advisories/27141
27161
http://secunia.com/advisories/27161
27486
ADV-2007-3348
http://www.vupen.com/english/advisories/2007/3348
DSA-1384
FEDORA-2007-2270
FEDORA-2007-2708
FEDORA-2007-713
MDKSA-2007:203
RHSA-2007:0323
USN-527-1
http://www.ubuntu.com/usn/usn-527-1
http://bugzilla.xensource.com/bugzilla/show_bug.cgi?id=1068
https://issues.rpath.com/browse/RPL-1752
oval:org.mitre.oval:def:11240
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11240
CopyrightCopyright (c) 2007 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.