Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23423

HistoryApr 10, 2020 - 12:26 a.m.

Symbolic Link Attack

2020-04-1000:26:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

7

0.0004 Low

EPSS

Percentile

10.1%

xen is vulnerable to symbolic link attack. The xenbaked daemon and the XenMon utility communicated via an insecure temporary file. A malicious local administrator of a guest domain could perform a symbolic link attack, causing arbitrary files to be truncated.

CPENameOperatorVersion
xeneq3.0.3__25.0.3.el5
xeneq3.0.3__25.el5
xeneq3.0.3__25.0.4.el5
xeneq3.0.3__25.0.3.el5
xeneq3.0.3__25.el5
xeneq3.0.3__25.0.4.el5

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=447795

osvdb.org/41342

osvdb.org/41343

secunia.com/advisories/27389

secunia.com/advisories/27408

secunia.com/advisories/27486

secunia.com/advisories/27497

secunia.com/advisories/29963

www.debian.org/security/2007/dsa-1395

www.mandriva.com/security/advisories?name=MDKSA-2007:203

www.redhat.com/security/updates/classification/#important

www.redhat.com/support/errata/RHSA-2008-0194.html

www.securityfocus.com/bid/26190

www.securitytracker.com/id?1018859

www.vupen.com/english/advisories/2007/3621

access.redhat.com/errata/RHSA-2008:0194

exchange.xforce.ibmcloud.com/vulnerabilities/37403

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9913

www.redhat.com/archives/fedora-package-announce/2007-November/msg00004.html

www.redhat.com/archives/fedora-package-announce/2007-November/msg00075.html

0.0004 Low

EPSS

Percentile

10.1%

Related for VERACODE:23423

prion1 openvas13 fedora3 debian1 osv1 nvd1 cve1 nessus10 cvelist1 ubuntucve1 oraclelinux1 redhat1 centos1