Executive Summary
| Summary | |
|---|---|
| Title | New xen-utils packages fix file truncation |
| Informations | |||
|---|---|---|---|
| Name | DSA-1395 | First vendor Publication | 2007-10-25 |
| Vendor | Debian | Last vendor Modification | 2007-10-25 |
| Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:M/Au:S/C:N/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6 | Attack Range | Local |
| Cvss Impact Score | 9.2 | Attack Complexity | Medium |
| Cvss Expoit Score | 2.7 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files. For the stable distribution (etch) this problem has been fixed in version 3.0.3-0-4. For the old stable distribution (sarge) this package was not present. For the unstable distribution (sid) this problem will be fixed soon. We recommend that you upgrade your xen-3.0 (3.0.3-0-4) package. |
Original Source
| Url : http://www.debian.org/security/2007/dsa-1395 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:18680 | |||
| Oval ID: | oval:org.mitre.oval:def:18680 | ||
| Title: | DSA-1395-1 xen-3.0 - insecure temporary files | ||
| Description: | Steve Kemp from the Debian Security Audit project discovered that xen-utils, a collection of XEN administrative tools, used temporary files insecurely within the xenmon tool allowing local users to truncate arbitrary files. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1395-1 CVE-2007-3919 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | xen-3.0 |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:9913 | |||
| Oval ID: | oval:org.mitre.oval:def:9913 | ||
| Title: | (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | ||
| Description: | (1) xenbaked and (2) xenmon.py in Xen 3.1 and earlier allow local users to truncate arbitrary files via a symlink attack on /tmp/xenq-shm. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2007-3919 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 2 |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-04-09 | Name : Mandriva Update for xen MDKSA-2007:203 (xen) File : nvt/gb_mandriva_MDKSA_2007_203.nasl |
| 2009-03-06 | Name : RedHat Update for xen RHSA-2008:0194-01 File : nvt/gb_RHSA-2008_0194-01_xen.nasl |
| 2009-02-27 | Name : Fedora Update for xen FEDORA-2007-2708 File : nvt/gb_fedora_2007_2708_xen_fc7.nasl |
| 2009-02-27 | Name : Fedora Update for xen FEDORA-2007-737 File : nvt/gb_fedora_2007_737_xen_fc6.nasl |
| 2009-02-16 | Name : Fedora Update for xen FEDORA-2008-2083 File : nvt/gb_fedora_2008_2083_xen_fc7.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1395-1 (xen-utils) File : nvt/deb_1395_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41343 | Xen xenmon.py /tmp/xenq-shm Symlink Arbitrary File Truncation |
| 41342 | Xen xenbaked /tmp/xenq-shm Symlink Arbitrary File Truncation |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2008-0194.nasl - Type : ACT_GATHER_INFO |
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20080513_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2008-0194.nasl - Type : ACT_GATHER_INFO |
| 2008-05-16 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2008-0194.nasl - Type : ACT_GATHER_INFO |
| 2008-02-29 | Name : The remote Fedora host is missing a security update. File : fedora_2008-2083.nasl - Type : ACT_GATHER_INFO |
| 2007-11-14 | Name : The remote openSUSE host is missing a security update. File : suse_xen-4616.nasl - Type : ACT_GATHER_INFO |
| 2007-11-06 | Name : The remote Fedora host is missing a security update. File : fedora_2007-2708.nasl - Type : ACT_GATHER_INFO |
| 2007-11-06 | Name : The remote Fedora Core host is missing a security update. File : fedora_2007-737.nasl - Type : ACT_GATHER_INFO |
| 2007-11-02 | Name : The remote Mandrake Linux host is missing a security update. File : mandrake_MDKSA-2007-203.nasl - Type : ACT_GATHER_INFO |
| 2007-10-26 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1395.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:26:58 |
|
