similar to: Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation

tags 446771 + patch thanks Hi, attached is a patch to fix this if you don't already have one. Kind regards Nico -- Nico Golde - http://ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted. -------------- next part -------------- A non-text attachment was scrubbed... Name: CVE-2007-4993.patch Type: text/x-diff Size: 4742

Package: xen-3.0 Version: 3.0.3-0-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-3.0. CVE-2007-4993[0]: | pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest | domain, allows local users with elevated privileges in the guest domain to | execute arbitrary commands in domain 0 via a crafted grub.conf

Source: xen-unstable Version: 3.0-unstable+hg11561-1 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2007-3919[0]: | (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local | users to truncate arbitrary files via a symlink attack on | /tmp/xenq-shm. If you fix this vulnerability please also include

Processing commands for control at bugs.debian.org: > clone 469654 -1 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug 469654 cloned as bug 469662. > reassign -1 xen-3 Bug#469662: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `xen-3'. > retitle -1 xen-3: CVE-2008-0928 privilege escalation Bug#469662: xen-unstable:

Processing commands for control at bugs.debian.org: > clone 469654 -1 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug 469654 cloned as bug 469666. > reassign -1 kvm Bug#469666: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `kvm'. > retitle -1 kvm: CVE-2008-0928 privilege escalation Bug#469666: xen-unstable:

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.9.26 > reassign 469662 xen-unstable Bug#469662: xen-3: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-3' to `xen-unstable'. > close 469662 3.3-unstable+hg17192-1 Bug#469662: xen-3: CVE-2008-0928 privilege escalation 'close' is

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.9.26 > reassign 469654 xen-3 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug reassigned from package `xen-unstable' to `xen-3'. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system

Processing commands for control at bugs.debian.org: > # Automatically generated email from bts, devscripts version 2.10.16 > fixed 469654 3.2.0-4 Bug#469654: xen-unstable: CVE-2008-0928 privilege escalation Bug marked as fixed in version 3.2.0-4. > End of message, stopping processing here. Please contact me if you need assistance. Debian bug tracking system administrator

Source: xen-unstable Version: 3.3-unstable+hg17602-1 Severity: grave Tags: security, patch Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for xen-unstable. CVE-2008-1943[0]: | Buffer overflow in the backend of XenSource Xen Para Virtualized Frame | Buffer (PVFB) 3.0 through 3.1.2 allows local users to cause a denial | of service (crash) and possibly execute

Package: xen-3 Version: 3.1.0-1 Severity: grave Tags: security patch Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-3. CVE-2007-5907[0]: | Xen 3.1.1 does not prevent modification of the CR4 TSC from | applications, which allows pv guests to cause a denial of service | (crash). CVE-2007-5906[1]: | Xen 3.1.1 allows virtual guest system users to cause a |

I might be stupid and ask an idiot or offensive question, but here it is: "Why was tzdata-2007h [RHEA-2007:0928-05] only released for CentOS 2, when upstream has released it for all the versions?" The guys from X/OS have released it for 5.0 along with the other updates (on Oct. 9). Are the "enhancements"... "not important" as long as they're not "security

Source: xen Version: 4.1.2-2 Severity: critical Tags: security Justification: allows PV domains to escape into the dom0 context Hi, I realize you're most likely pretty well aware of that problem already, but Debian's Xen versions are vulnerable to a PV privilege escalation [1]. The issue is tracked as CVE-2012-0217 and public as of today. Therefore I am filing this bug for coordination

From: "Richard W.M. Jones" <rjones at redhat.com> CVE-2011-4127 is a serious qemu & kernel privilege escalation bug found by Paolo Bonzini. http://seclists.org/oss-sec/2011/q4/536 An untrusted guest kernel is able to issue special SG_IO ioctls on virtio devices which qemu passes through to the host kernel without filtering or sanitizing. These ioctls allow raw sectors from

Hi, I found an advisory (http://www.intel.com/support/network/sb/CS-023726.htm) from intel for their LAN driver for the eepro100 and gigabit network cards. Is the FreeBSD em driver in any way affected by this problem? Looks like it is at least derived from the intel driver. greetings, philipp wuensche

Hi - Looking at https://news.ycombinator.com/item?id=5703758 I have just tried this on a fully patched 6.4 box and it seems vulnerable - Do other see the same? thanks

On 10 May 2011 16:10, "Jamie Landeg Jones" <jamie@bishopston.net> wrote: > > > It used to confuzzle sysadmins on SUNos when the mount point was > > 0700. The underlying mode disapeared when the mount was made, but it > > was still being enforced. Suddenly no one but root could use say /usr > > even though it was apparently 0755 > > I remember that

Do we know if this bug affects Centos? http://www.techworld.com.au/article/413300/linux_vendors_rush_patch_privilege_escalation_flaw_after_root_exploits_emerge The article states that it affects kernel 2.6.39 and above, but since RH backports so much stuff I'm not sure if this would actually include the Centos kernels. -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~

Package: xen-unstable Severity: grave Tags: security Justification: user security hole Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for xen-unstable. CVE-2008-2004[0]: | The drive_init function in QEMU 0.9.1 determines the format of a raw | disk image based on the header, which allows local guest users to read | arbitrary files on the host by modifying the

Affected product: Dovecot IMAP Server Internal reference: DOV-5320 Vulnerability type: Improper Access Control (CWE-284) Vulnerable version: 2.2 Vulnerable component: submission Report confidence: Confirmed Solution status: Fixed in main Researcher credits: Julian Brook (julezman) Vendor notification: 2022-05-06 CVE reference: CVE-2022-30550 CVSS: 6.8

Affected product: Dovecot IMAP Server Internal reference: DOV-5320 Vulnerability type: Improper Access Control (CWE-284) Vulnerable version: 2.2 Vulnerable component: submission Report confidence: Confirmed Solution status: Fixed in main Researcher credits: Julian Brook (julezman) Vendor notification: 2022-05-06 CVE reference: CVE-2022-30550 CVSS: 6.8