Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3041-1:27A1F
HistoryOct 01, 2014 - 12:22 p.m.

[SECURITY] [DSA 3041-1] xen security update

2014-10-0112:22:02
lists.debian.org
15

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.0%

JSON

Debian Security Advisory DSA-3041-1 [email protected]
http://www.debian.org/security/ Moritz Muehlenhoff
October 01, 2014 http://www.debian.org/security/faq

Package : xen
CVE ID : CVE-2013-2072 CVE-2014-7154 CVE-2014-7155 CVE-2014-7156
CVE-2014-7188

Multiple security issues have been discovered in the Xen virtualisation
solution which may result in denial of service, information disclosure
or privilege escalation.

For the stable distribution (wheezy), these problems have been fixed in
version 4.1.4-3+deb7u3.

For the unstable distribution (sid), these problems will be fixed soon.

We recommend that you upgrade your xen packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7i386xenstore-utils< 4.1.4-3+deb7u3xenstore-utils_4.1.4-3+deb7u3_i386.deb
Debian7amd64libxen-dev< 4.1.4-3+deb7u3libxen-dev_4.1.4-3+deb7u3_amd64.deb
Debian7i386xen-hypervisor-4.1-i386< 4.1.4-3+deb7u3xen-hypervisor-4.1-i386_4.1.4-3+deb7u3_i386.deb
Debian7i386libxenstore3.0< 4.1.4-3+deb7u3libxenstore3.0_4.1.4-3+deb7u3_i386.deb
Debian7i386libxen-ocaml< 4.1.4-3+deb7u3libxen-ocaml_4.1.4-3+deb7u3_i386.deb
Debian7allxen-docs-4.1< 4.1.4-3+deb7u3xen-docs-4.1_4.1.4-3+deb7u3_all.deb
Debian7i386libxen-ocaml-dev< 4.1.4-3+deb7u3libxen-ocaml-dev_4.1.4-3+deb7u3_i386.deb
Debian7amd64xen-system-amd64< 4.1.4-3+deb7u3xen-system-amd64_4.1.4-3+deb7u3_amd64.deb
Debian7i386xen-system-amd64< 4.1.4-3+deb7u3xen-system-amd64_4.1.4-3+deb7u3_i386.deb
Debian7allxen-utils-common< 4.1.4-3+deb7u3xen-utils-common_4.1.4-3+deb7u3_all.deb
Rows per page:
1-10 of 231

Related

nessus 26
openvas 63
securityvulns 2
osv 1
gentoo 1
fedora 35
suse 4
cve 5
prion 5
cvelist 5
xen 5
ubuntucve 5
nvd 5
debiancve 5
mageia 1
nessus
nessus
Debian DSA-3041-1 : xen - security update
2014-10-02 00:00:00
GLSA-201412-42 : Xen: Denial of Service
2014-12-29 00:00:00
Fedora 20 : xen-4.3.3-3.fc20 (2014-12036)
2014-10-12 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3041-1)
2014-09-30 00:00:00
Debian Security Advisory DSA 3041-1 (xen - security update)
2014-10-01 00:00:00
Gentoo Security Advisory GLSA 201412-42
2015-09-29 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3041-1] xen security update
2014-10-14 00:00:00
Xen multiple security vulnerabilities
2014-10-14 00:00:00
osv
osv
xen - security update
2014-10-01 00:00:00
gentoo
gentoo
Xen: Denial of service
2014-12-26 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: xen-4.4.1-4.fc21
2014-09-29 03:54:01
[SECURITY] Fedora 21 Update: xen-4.4.1-6.fc21
2014-10-08 19:08:52
[SECURITY] Fedora 19 Update: xen-4.2.2-5.fc19
2013-05-27 03:26:42
suse
suse
xen: security and bugfix update (important)
2014-10-09 13:09:07
xen: security and bugfix update (important)
2014-10-09 13:04:44
Security update for Xen (important)
2013-06-25 19:04:17
cve
cve
CVE-2014-7155
2014-10-02 14:55:05
CVE-2014-7154
2014-10-02 14:55:05
CVE-2014-7156
2014-10-02 14:55:05
prion
prion
Information disclosure
2014-10-02 14:55:00
Race condition
2014-10-02 14:55:00
Design/Logic Flaw
2014-10-02 14:55:00
cvelist
cvelist
CVE-2014-7155
2014-10-02 14:00:00
CVE-2014-7154
2014-10-02 14:00:00
CVE-2014-7156
2014-10-02 14:00:00
xen
xen
Race condition in HVMOP_track_dirty_vram
2014-09-23 12:00:00
Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation
2014-09-23 12:00:00
Improper MSR range used for x2APIC emulation
2014-10-01 12:00:00
ubuntucve
ubuntucve
CVE-2014-7154
2014-10-02 00:00:00
CVE-2014-7156
2014-10-02 00:00:00
CVE-2014-7155
2014-10-02 00:00:00
nvd
nvd
CVE-2014-7155
2014-10-02 14:55:05
CVE-2014-7154
2014-10-02 14:55:05
CVE-2013-2072
2013-08-28 21:55:08
debiancve
debiancve
CVE-2014-7155
2014-10-02 14:55:05
CVE-2014-7154
2014-10-02 14:55:05
CVE-2014-7188
2014-10-02 14:55:05
mageia
mageia
Updated xen package fixes security issues
2013-07-01 23:17:22

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

6.9 Medium

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.0%

JSON
Related for DEBIAN:DSA-3041-1:27A1F
nessus26openvas63securityvulns2osv1gentoo1fedora35suse4cve5prion5cvelist5xen5ubuntucve5nvd5debiancve5mageia1