Lucene search
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.SL_20161220_XEN_ON_SL5_X.NASLHistoryDec 21, 2016 - 12:00 a.m.
Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20161220)
2016-12-2100:00:00
This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
16
3.7 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
7.5 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
26.7%
Security Fix(es) :
- An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bit address parameter. A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. (CVE-2016-9637)
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text is (C) Scientific Linux.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(95985);
script_version("3.7");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/14");
script_cve_id("CVE-2016-9637");
script_name(english:"Scientific Linux Security Update : xen on SL5.x i386/x86_64 (20161220)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:
"The remote Scientific Linux host is missing one or more security
updates."
);
script_set_attribute(
attribute:"description",
value:
"Security Fix(es) :
- An out of bounds array access issue was found in the Xen
virtual machine monitor, built with the QEMU ioport
support. It could occur while doing ioport read/write
operations, if guest was to supply a 32bit address
parameter. A privileged guest user/process could use
this flaw to potentially escalate their privileges on a
host. (CVE-2016-9637)"
);
# https://listserv.fnal.gov/scripts/wa.exe?A2=ind1612&L=scientific-linux-errata&F=&S=&P=17477
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?332d0cde"
);
script_set_attribute(attribute:"solution", value:"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:xen-libs");
script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2017/02/17");
script_set_attribute(attribute:"patch_publication_date", value:"2016/12/20");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/12/21");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Scientific Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
os_ver = os_ver[1];
if (! preg(pattern:"^5([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 5.x", "Scientific Linux " + os_ver);
if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
flag = 0;
if (rpm_check(release:"SL5", reference:"xen-3.0.3-148.el5_11")) flag++;
if (rpm_check(release:"SL5", reference:"xen-debuginfo-3.0.3-148.el5_11")) flag++;
if (rpm_check(release:"SL5", reference:"xen-devel-3.0.3-148.el5_11")) flag++;
if (rpm_check(release:"SL5", reference:"xen-libs-3.0.3-148.el5_11")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_NOTE,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "xen / xen-debuginfo / xen-devel / xen-libs");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| fermilab | scientific_linux | xen | p-cpe:/a:fermilab:scientific_linux:xen |
| fermilab | scientific_linux | xen-debuginfo | p-cpe:/a:fermilab:scientific_linux:xen-debuginfo |
| fermilab | scientific_linux | xen-devel | p-cpe:/a:fermilab:scientific_linux:xen-devel |
| fermilab | scientific_linux | xen-libs | p-cpe:/a:fermilab:scientific_linux:xen-libs |
| fermilab | scientific_linux | x-cpe:/o:fermilab:scientific_linux |
Related
redhatcve
redhatcve
CVE-2016-9637
2016-12-06 13:17:27
openvas
openvas
CentOS Update for xen CESA-2016:2963 centos5
2016-12-21 00:00:00
RedHat Update for xen RHSA-2016:2963-01
2016-12-21 00:00:00
Debian: Security Advisory (DLA-1270-1)
2018-02-20 00:00:00
xen
xen
qemu ioport array overflow
2016-12-06 12:00:00
debiancve
debiancve
CVE-2016-9637
2017-02-17 02:59:13
redhat
redhat
(RHSA-2016:2963) Important: xen security update
2016-12-20 00:00:00
ubuntucve
ubuntucve
CVE-2016-9637
2017-02-17 00:00:00
nessus
nessus
OracleVM 3.3 : xen (OVMSA-2016-0171)
2016-12-08 00:00:00
Citrix XenServer QEMU ioport Array Overflow Guest-to-Host Privilege Escalation (CTX219136)
2016-12-09 00:00:00
RHEL 5 : xen (RHSA-2016:2963)
2016-12-21 00:00:00
citrix
citrix
CVE-2016-9637 - Citrix XenServer Security Update
2016-12-06 05:00:00
prion
prion
Security feature bypass
2017-02-17 02:59:00
centos
centos
xen security update
2016-12-20 16:58:37
veracode
veracode
Privilege Escalation
2019-01-15 09:15:00
cve
cve
CVE-2016-9637
2017-02-17 02:59:13
nvd
nvd
CVE-2016-9637
2017-02-17 02:59:13
cvelist
cvelist
CVE-2016-9637
2017-02-16 18:00:00
oraclelinux
oraclelinux
xen security update
2016-12-20 00:00:00
osv
osv
xen - security update
2018-02-06 00:00:00
debian
debian
[SECURITY] [DLA 1270-1] xen security update
2018-02-06 12:35:00
fedora
fedora
[SECURITY] Fedora 23 Update: xen-4.5.5-5.fc23
2016-12-19 01:27:21
[SECURITY] Fedora 24 Update: xen-4.6.4-4.fc24
2016-12-23 13:51:19
suse
suse
Security update for xen (important)
2016-12-27 17:11:00
Security update for xen (important)
2016-12-07 20:07:43
Security update for xen (important)
2016-12-16 16:07:44
gentoo
gentoo
Xen: Multiple vulnerabilities
2016-12-31 00:00:00
mageia
mageia
Updated xen packages fix security vulnerability
2017-01-09 23:29:57
3.7 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:H/Au:N/C:P/I:P/A:P
7.5 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
26.7%
Related for SL_20161220_XEN_ON_SL5_X.NASL