4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
46.3%
Several denial-of-service vulnerabilities have been discovered in Xen, the popular virtualization software. The Common Vulnerabilities and Exposures project identifies the following issues :
CVE-2012-3432 Guest mode unprivileged code, which has been granted the privilege to access MMIO regions, may leverage that access to crash the whole guest. Since this can be used to crash a client from within, this vulnerability is considered to have low impact.
CVE-2012-3433 A guest kernel can cause the host to become unresponsive for a period of time, potentially leading to a DoS.
Since an attacker with full control in the guest can impact the host, this vulnerability is considered to have high impact.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Debian Security Advisory DSA-2531. The text
# itself is copyright (C) Software in the Public Interest, Inc.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(61578);
script_version("1.12");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/11");
script_cve_id("CVE-2012-3432", "CVE-2012-3433");
script_bugtraq_id(54691, 54942);
script_xref(name:"DSA", value:"2531");
script_name(english:"Debian DSA-2531-1 : xen - Denial of Service");
script_summary(english:"Checks dpkg output for the updated package");
script_set_attribute(
attribute:"synopsis",
value:"The remote Debian host is missing a security-related update."
);
script_set_attribute(
attribute:"description",
value:
"Several denial-of-service vulnerabilities have been discovered in Xen,
the popular virtualization software. The Common Vulnerabilities and
Exposures project identifies the following issues :
- CVE-2012-3432
Guest mode unprivileged code, which has been granted the
privilege to access MMIO regions, may leverage that
access to crash the whole guest. Since this can be used
to crash a client from within, this vulnerability is
considered to have low impact.
- CVE-2012-3433
A guest kernel can cause the host to become unresponsive
for a period of time, potentially leading to a DoS.
Since an attacker with full control in the guest can
impact the host, this vulnerability is considered to
have high impact."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683279"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-3432"
);
script_set_attribute(
attribute:"see_also",
value:"https://security-tracker.debian.org/tracker/CVE-2012-3433"
);
script_set_attribute(
attribute:"see_also",
value:"https://packages.debian.org/source/squeeze/xen"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.debian.org/security/2012/dsa-2531"
);
script_set_attribute(
attribute:"solution",
value:
"Upgrade the xen packages.
For the stable distribution (squeeze), this problem has been fixed in
version 4.0.1-5.3."
);
script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:xen");
script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0");
script_set_attribute(attribute:"patch_publication_date", value:"2012/08/18");
script_set_attribute(attribute:"plugin_publication_date", value:"2012/08/20");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Debian Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l");
exit(0);
}
include("audit.inc");
include("debian_package.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian");
if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (deb_check(release:"6.0", prefix:"libxen-dev", reference:"4.0.1-5.3")) flag++;
if (deb_check(release:"6.0", prefix:"libxenstore3.0", reference:"4.0.1-5.3")) flag++;
if (deb_check(release:"6.0", prefix:"xen-docs-4.0", reference:"4.0.1-5.3")) flag++;
if (deb_check(release:"6.0", prefix:"xen-hypervisor-4.0-amd64", reference:"4.0.1-5.3")) flag++;
if (deb_check(release:"6.0", prefix:"xen-hypervisor-4.0-i386", reference:"4.0.1-5.3")) flag++;
if (deb_check(release:"6.0", prefix:"xen-utils-4.0", reference:"4.0.1-5.3")) flag++;
if (deb_check(release:"6.0", prefix:"xenstore-utils", reference:"4.0.1-5.3")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());
else security_warning(0);
exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
Vendor | Product | Version | CPE |
---|---|---|---|
debian | debian_linux | xen | p-cpe:/a:debian:debian_linux:xen |
debian | debian_linux | 6.0 | cpe:/o:debian:debian_linux:6.0 |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3432
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3433
bugs.debian.org/cgi-bin/bugreport.cgi?bug=683279
packages.debian.org/source/squeeze/xen
security-tracker.debian.org/tracker/CVE-2012-3432
security-tracker.debian.org/tracker/CVE-2012-3433
www.debian.org/security/2012/dsa-2531