English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.4.2015.1643.1
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2015:1643-1)
Summary:The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2015:1643-1 advisory.
Description:Summary:
The remote host is missing an update for the 'Xen' package(s) announced via the SUSE-SU-2015:1643-1 advisory.

Vulnerability Insight:
Xen was updated to fix the following security issues:
CVE-2015-5154: Host code execution via IDE subsystem CD-ROM. (bsc#938344)
CVE-2015-3209: Heap overflow in QEMU's pcnet controller allowing guest to host escape. (bsc#932770)
CVE-2015-4164: DoS through iret hypercall handler. (bsc#932996)
CVE-2015-5165: QEMU leak of uninitialized heap memory in rtl8139 device model. (XSA-140, bsc#939712)
Security Issues:
CVE-2015-5154 CVE-2015-3209 CVE-2015-4164 CVE-2015-5165

Affected Software/OS:
'Xen' package(s) on SUSE Linux Enterprise Server 10-SP4.

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-3209
1032545
http://www.securitytracker.com/id/1032545
75123
http://www.securityfocus.com/bid/75123
DSA-3284
http://www.debian.org/security/2015/dsa-3284
DSA-3285
http://www.debian.org/security/2015/dsa-3285
DSA-3286
http://www.debian.org/security/2015/dsa-3286
FEDORA-2015-10001
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160669.html
FEDORA-2015-9965
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160685.html
FEDORA-2015-9978
http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160677.html
GLSA-201510-02
https://security.gentoo.org/glsa/201510-02
GLSA-201604-03
https://security.gentoo.org/glsa/201604-03
RHSA-2015:1087
http://rhn.redhat.com/errata/RHSA-2015-1087.html
RHSA-2015:1088
http://rhn.redhat.com/errata/RHSA-2015-1088.html
RHSA-2015:1089
http://rhn.redhat.com/errata/RHSA-2015-1089.html
RHSA-2015:1189
http://rhn.redhat.com/errata/RHSA-2015-1189.html
SUSE-SU-2015:1042
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00004.html
SUSE-SU-2015:1045
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00007.html
SUSE-SU-2015:1152
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00027.html
SUSE-SU-2015:1156
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00029.html
SUSE-SU-2015:1157
http://lists.opensuse.org/opensuse-security-announce/2015-06/msg00030.html
SUSE-SU-2015:1206
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00014.html
SUSE-SU-2015:1426
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00020.html
SUSE-SU-2015:1519
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00015.html
SUSE-SU-2015:1643
http://lists.opensuse.org/opensuse-security-announce/2015-09/msg00027.html
USN-2630-1
http://www.ubuntu.com/usn/USN-2630-1
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
http://xenbits.xen.org/xsa/advisory-135.html
https://kb.juniper.net/JSA10783
https://www.arista.com/en/support/advisories-notices/security-advisories/1180-security-advisory-13
Common Vulnerability Exposure (CVE) ID: CVE-2015-4164
BugTraq ID: 75149
http://www.securityfocus.com/bid/75149
Debian Security Information: DSA-3286 (Google Search)
http://www.securitytracker.com/id/1032569
SuSE Security Announcement: SUSE-SU-2015:1042 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1045 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1156 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1157 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1206 (Google Search)
SuSE Security Announcement: SUSE-SU-2015:1643 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2015-5154
1033074
http://www.securitytracker.com/id/1033074
76048
http://www.securityfocus.com/bid/76048
DSA-3348
http://www.debian.org/security/2015/dsa-3348
FEDORA-2015-12657
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163658.html
FEDORA-2015-12679
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163472.html
FEDORA-2015-12714
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163681.html
RHSA-2015:1507
http://rhn.redhat.com/errata/RHSA-2015-1507.html
RHSA-2015:1508
http://rhn.redhat.com/errata/RHSA-2015-1508.html
RHSA-2015:1512
http://rhn.redhat.com/errata/RHSA-2015-1512.html
SUSE-SU-2015:1299
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00041.html
SUSE-SU-2015:1302
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00042.html
SUSE-SU-2015:1409
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00017.html
SUSE-SU-2015:1421
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00018.html
SUSE-SU-2015:1455
http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00022.html
SUSE-SU-2015:1782
http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00019.html
http://support.citrix.com/article/CTX201593
http://xenbits.xen.org/xsa/advisory-138.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-5165
1033176
http://www.securitytracker.com/id/1033176
76153
http://www.securityfocus.com/bid/76153
DSA-3349
http://www.debian.org/security/2015/dsa-3349
FEDORA-2015-14361
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/165373.html
FEDORA-2015-15944
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167820.html
FEDORA-2015-15946
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/167792.html
RHSA-2015:1674
http://rhn.redhat.com/errata/RHSA-2015-1674.html
RHSA-2015:1683
http://rhn.redhat.com/errata/RHSA-2015-1683.html
RHSA-2015:1739
http://rhn.redhat.com/errata/RHSA-2015-1739.html
RHSA-2015:1740
http://rhn.redhat.com/errata/RHSA-2015-1740.html
RHSA-2015:1793
http://rhn.redhat.com/errata/RHSA-2015-1793.html
RHSA-2015:1833
http://rhn.redhat.com/errata/RHSA-2015-1833.html
http://support.citrix.com/article/CTX201717
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://xenbits.xen.org/xsa/advisory-140.html
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.