Displaying 20 results from an estimated 300 matches similar to: "Bug#677221: xen: Xen PV privilege escalation (CVE-2012-0217)"
2012 Jun 12
2
Bug#677244: xen-utils-common: xen-toolstack fails if either `xm` or `xl` is not found in xen-dir
Package: xen-utils-common
Version: 4.1.2-7
Severity: grave
Tags: patch
Justification: renders package unusable
Dear Maintainer,
The script /usr/lib/xen-common/bin/xen-toolstack improperly aborts if *either*
`xm` or `xl` cannot be found in the xen-dir (/usr/lib/xen-4.0/bin). This means
that a default installation (e.g. following Debian wiki on the subject, namely
installing xen-linux-system and
2012 Jun 14
11
PV privilege escalation - advisory
Hello,
we are using 3.4.3 from Gitco.de on 64bit Centos 5.8 and we have PV
guests 64bit.
According to described security bug we are in danger.
What do you suggest? Wait for gitco update or build xen own with patch?
Br
Peter
2012 Jul 09
1
Processed: closing 587090
Processing commands for control at bugs.debian.org:
> close 587090 4.1.0~rc6-1
Bug #587090 [xen-utils-4.0] xen-utils-4.0: Exception starting xend ('NoneType' object has no attribute 'rfind')
There is no source info for the package 'xen-utils-4.0' at version '4.1.0~rc6-1' with architecture ''
Unable to make a source version for version
2012 Jul 02
0
Processed: fixed 677221 in 4.0.1-5.2
Processing commands for control at bugs.debian.org:
> fixed 677221 4.0.1-5.2
Bug #677221 {Done: Bastian Blank <waldi at debian.org>} [src:xen] xen: Xen PV privilege escalation (CVE-2012-0217)
Marked as fixed in versions xen/4.0.1-5.2.
> thanks
Stopping processing here.
Please contact me if you need assistance.
--
677221: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677221
Debian
2006 Dec 06
0
Intel LAN Driver Buffer Overflow Local Privilege Escalation
Hi,
I found an advisory
(http://www.intel.com/support/network/sb/CS-023726.htm) from intel for
their LAN driver for the eepro100 and gigabit network cards.
Is the FreeBSD em driver in any way affected by this problem? Looks like
it is at least derived from the intel driver.
greetings,
philipp wuensche
2013 May 14
3
Local Privilege Escalation
Hi - Looking at
https://news.ycombinator.com/item?id=5703758
I have just tried this on a fully patched 6.4 box and it seems vulnerable -
Do other see the same?
thanks
2011 May 10
1
Rooting FreeBSD , Privilege Escalation using Jails (P??????tur)
On 10 May 2011 16:10, "Jamie Landeg Jones" <jamie@bishopston.net> wrote:
>
> > It used to confuzzle sysadmins on SUNos when the mount point was
> > 0700. The underlying mode disapeared when the mount was made, but it
> > was still being enforced. Suddenly no one but root could use say /usr
> > even though it was apparently 0755
>
> I remember that
2012 Jan 26
2
Local privilege escalation bug in kernel
Do we know if this bug affects Centos?
http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge
The article states that it affects kernel 2.6.39 and above, but since RH
backports so much stuff I'm not sure if this would actually include the Centos
kernels.
--
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~
2007 Sep 28
0
Bug#444430: CVE-2007-4993 privilege escalation
Package: xen-3.0
Version: 3.0.3-0-2
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.0.
CVE-2007-4993[0]:
| pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest
| domain, allows local users with elevated privileges in the guest domain to
| execute arbitrary commands in domain 0 via a crafted grub.conf
2007 Oct 15
1
Bug#446771: CVE-2007-4993 privilege escalation
tags 446771 + patch
thanks
Hi,
attached is a patch to fix this if you don't already have
one.
Kind regards
Nico
--
Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CVE-2007-4993.patch
Type: text/x-diff
Size: 4742
2008 Jul 12
0
Bug#490411: CVE-2008-2004: privilege escalation
Package: xen-unstable
Severity: grave
Tags: security
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-unstable.
CVE-2008-2004[0]:
| The drive_init function in QEMU 0.9.1 determines the format of a raw
| disk image based on the header, which allows local guest users to read
| arbitrary files on the host by modifying the
2011 Dec 22
0
[PATCH] Security: Mitigate possible privilege escalation via SG_IO ioctl (CVE-2011-4127, RHBZ#757071)
From: "Richard W.M. Jones" <rjones at redhat.com>
CVE-2011-4127 is a serious qemu & kernel privilege escalation bug
found by Paolo Bonzini.
http://seclists.org/oss-sec/2011/q4/536
An untrusted guest kernel is able to issue special SG_IO ioctls on
virtio devices which qemu passes through to the host kernel without
filtering or sanitizing. These ioctls allow raw sectors from
2008 Mar 06
1
Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation
Package: xen-unstable
Severity: grave
Tags: security patch
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-unstable.
CVE-2008-0928[0]:
| Qemu 0.9.1 and earlier does not perform range checks for block device
| read or write requests, which allows guest host users with root
| privileges to access arbitrary memory and escape the virtual machine.
If you fix
2022 Jul 06
1
CVE-2022-30550: Privilege escalation possible in dovecot when similar master and non-master passdbs are used
Affected product: Dovecot IMAP Server
Internal reference: DOV-5320
Vulnerability type: Improper Access Control (CWE-284)
Vulnerable version: 2.2
Vulnerable component: submission
Report confidence: Confirmed
Solution status: Fixed in main
Researcher credits: Julian Brook (julezman)
Vendor notification: 2022-05-06
CVE reference: CVE-2022-30550
CVSS: 6.8
2008 Jul 12
3
Bug#490409: CVE-2008-2004: privilege escalation
Package: xen-3
Severity: grave
Tags: security
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.
CVE-2008-2004[0]:
| The drive_init function in QEMU 0.9.1 determines the format of a raw
| disk image based on the header, which allows local guest users to read
| arbitrary files on the host by modifying the header to identify
2008 Oct 14
5
dtrace_kernel and privilege escalation
hey..
I talked to my sysadmins about getting access to the dtrace_kernel role, and they said they were hesitant to give this out because they thought it was a security risk - ie: that you could use it for privilege escalation.
How true is this? Is there a way to make it user safe? If not, why is it offered as an option for regular users?
Thanks much,
Ed
--
This message posted from
2015 May 13
0
Xen Security Advisory 133 (CVE-2015-3456) - Privilege escalation via emulated floppy disk drive
xen-4.4.2-2, available from the virt6-testing repository, includes the
fix for this issue.
Note that Xen actually does attempt to disable the floppy disk for HVM
domains by default, but due to a bug in qemu, the floppy disk only
partially disabled; enough functionality to exploit this bug remains.
This should be available from the normal xen4 repositories sometime
this afternoon.
-George
2007 Jul 12
1
Urgent, Security: Privilege Escalation in 3.0.24?
Hi list,
we have spotted a serious problem with our Samba
(Debian version 3.0.24-6) on linux 2.4.31, ext2 with ACLs enabled.
We use "hide unreadable = yes" to reduce clutter for our
users. Today we noticed that with this option enabled any
linux client can access and read *all* directories under the
share, even directories that are owned by root and set to 0700.
No ACLs are set on the
2012 May 01
1
Bug#671018: [xen-utils-common] qemu-ifup breaks networking by changing mac address
Package: xen-utils-common
Version: 4.0.0-1
Severity: important
Tags: patch
--- Please enter the report below this line. ---
when you use "hardware" virtual machine (with qemu) with xen
configured for bridging
the network script treates a tap interface and then
/etc/xen/scripts/qemu-ifup adds it to the bridge.
That would be ok but tap interfaces have a random mac address and the
bridge
2005 Dec 30
5
rssh: root privilege escalation flaw
Affected Software: rssh - all versions prior to 2.3.0
Vulnerability: local user privilege escalation
Severity: *CRITICAL*
Impact: local users can gain root access
Solution: Please upgrade to v2.3.1
Summary
-------
rssh is a restricted shell which allows a system administrator to
limit users' access to a system via SSH to scp, sftp, rsync, rdist,
and cvs. It also allows the system