Executive Summary



This alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS.
Summary
Title Xen: Multiple vulnerabilities
Information
Name: GLSA-201309-24
First vendor Publication: 2013-09-27
Vendor: Gentoo
Last vendor Modification: 2013-09-27
Severity (Vendor): High
Revision: N/A

Security-Database Scoring CVSS v3

Cvss vector: N/A
Overall CVSS Score: NA
Base Score: NA
Environmental Score: NA
Impact SubScore: NA
Temporal Score: NA
Exploitability Sub Score: NA
 

Security-Database Scoring CVSS v2

Cvss vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score: 9.3
Attack Range: Network
Cvss Impact Score: 10
Attack Complexity: Medium
Cvss Exploit Score: 8.6
Authentication: None Required

Detail

Synopsis

Multiple vulnerabilities have been found in Xen, allowing attackers on a Xen Virtual Machine to execute arbitrary code, cause Denial of Service, or gain access to data on the host.

Background

Xen is a bare-metal hypervisor.

Description

Multiple vulnerabilities have been discovered in Xen. Please review the CVE identifiers referenced below for details.

Impact

Guest domains could possibly gain privileges, execute arbitrary code, or cause a Denial of Service on the host domain (Dom0). Additionally, guest domains could gain information about other virtual machines running on the same host or read arbitrary files on the host.

Workaround

The CVEs listed below do not currently have fixes, but only apply to Xen setups which have "tmem" specified on the hypervisor command line.
TMEM is not currently supported for use in production systems, and administrators using tmem should disable it.
Relevant CVEs:
* CVE-2012-2497
* CVE-2012-6030
* CVE-2012-6031
* CVE-2012-6032
* CVE-2012-6033
* CVE-2012-6034
* CVE-2012-6035
* CVE-2012-6036

Resolution

All Xen users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-emulation/xen-4.2.2-r1"

All Xen-tools users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulation/xen-tools-4.2.2-r3"

All Xen-pvgrub users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot -v ">=app-emulation/xen-pvgrub-4.2.2-r1"

References

[ 1 ] CVE-2011-2901 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2901
[ 2 ] CVE-2011-3262 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3262
[ 3 ] CVE-2011-3262 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3262
[ 4 ] CVE-2012-0217 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0217
[ 5 ] CVE-2012-0218 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-0218
[ 6 ] CVE-2012-2934 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-2934
[ 7 ] CVE-2012-3432 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3432
[ 8 ] CVE-2012-3433 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3433
[ 9 ] CVE-2012-3494 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3494
[ 10 ] CVE-2012-3495 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3495
[ 11 ] CVE-2012-3496 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3496
[ 12 ] CVE-2012-3497 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3497
[ 13 ] CVE-2012-3498 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3498
[ 14 ] CVE-2012-3515 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3515
[ 15 ] CVE-2012-4411 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4411
[ 16 ] CVE-2012-4535 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4535
[ 17 ] CVE-2012-4536 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4536
[ 18 ] CVE-2012-4537 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4537
[ 19 ] CVE-2012-4538 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4538
[ 20 ] CVE-2012-4539 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-4539
[ 21 ] CVE-2012-5510 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5510
[ 22 ] CVE-2012-5511 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5511
[ 23 ] CVE-2012-5512 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5512
[ 24 ] CVE-2012-5513 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5513
[ 25 ] CVE-2012-5514 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5514
[ 26 ] CVE-2012-5515 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5515
[ 27 ] CVE-2012-5525 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5525
[ 28 ] CVE-2012-5634 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-5634
[ 29 ] CVE-2012-6030 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6030
[ 30 ] CVE-2012-6031 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6031
[ 31 ] CVE-2012-6032 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6032
[ 32 ] CVE-2012-6033 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6033
[ 33 ] CVE-2012-6034 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6034
[ 34 ] CVE-2012-6035 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6035
[ 35 ] CVE-2012-6036 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6036
[ 36 ] CVE-2012-6075 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6075
[ 37 ] CVE-2012-6333 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6333
[ 38 ] CVE-2013-0151 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0151
[ 39 ] CVE-2013-0152 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0152
[ 40 ] CVE-2013-0153 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0153
[ 41 ] CVE-2013-0154 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0154
[ 42 ] CVE-2013-0215 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-0215
[ 43 ] CVE-2013-1432 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1432
[ 44 ] CVE-2013-1917 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1917
[ 45 ] CVE-2013-1918 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1918
[ 46 ] CVE-2013-1919 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1919
[ 47 ] CVE-2013-1920 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1920
[ 48 ] CVE-2013-1922 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1922
[ 49 ] CVE-2013-1952 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1952
[ 50 ] CVE-2013-1964 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1964
[ 51 ] CVE-2013-2076 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2076
[ 52 ] CVE-2013-2077 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2077
[ 53 ] CVE-2013-2078 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2078
[ 54 ] CVE-2013-2194 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2194
[ 55 ] CVE-2013-2195 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2195
[ 56 ] CVE-2013-2196 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2196
[ 57 ] CVE-2013-2211 : http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-2211
[ 58 ] Xen TMEM : http://lists.xen.org/archives/html/xen-announce/2012-09/msg00006.html

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201309-24.xml

Original Source

Url : http://security.gentoo.org/glsa/glsa-201309-24.xml

CWE : Common Weakness Enumeration

% Id Name
28 % CWE-20 Improper Input Validation
26 % CWE-264 Permissions, Privileges, and Access Controls
17 % CWE-399 Resource Management Errors
9 % CWE-16 Configuration
7 % CWE-189 Numeric Errors (CWE/SANS Top 25)
7 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
4 % CWE-200 Information Exposure
2 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15124
 
Oval ID: oval:org.mitre.oval:def:15124
Title: DSA-2337-1 xen -- several vulnerabilities
Description: Several vulnerabilities were discovered in the Xen virtual machine hypervisor. CVE-2011-1166: A 64-bit guest can get one of its vCPUs into non-kernel mode without first providing a valid non-kernel pagetable, thereby locking up the host system. CVE-2011-1583, CVE-2011-3262: Local users can cause a denial of service and possibly execute arbitrary code via a crafted paravirtualised guest kernel image. CVE-2011-1898: When using PCI passthrough on Intel VT-d chipsets that do not have interrupt remapping, guest OS users can gain host OS privileges by writing to the interrupt injection registers. The old stable distribution contains a different version of Xen not affected by these problems.
Family: unix Class: patch
Reference(s): DSA-2337-1
CVE-2011-1166
CVE-2011-1583
CVE-2011-1898
CVE-2011-3262
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15596
 
Oval ID: oval:org.mitre.oval:def:15596
Title: User Mode Scheduler Memory Corruption Vulnerability (CVE-2012-0217)
Description: The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
Family: windows Class: vulnerability
Reference(s): CVE-2012-0217
Version: 8
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2008 R2
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17653
 
Oval ID: oval:org.mitre.oval:def:17653
Title: DSA-2544-1 xen - denial of service
Description: Multiple denial of service vulnerabilities have been discovered in Xen, a hypervisor.
Family: unix Class: patch
Reference(s): DSA-2544-1
CVE-2012-3494
CVE-2012-3496
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18062
 
Oval ID: oval:org.mitre.oval:def:18062
Title: USN-1692-1 -- qemu-kvm vulnerability
Description: QEMU could be made to crash or run programs if it received specially crafted network traffic.
Family: unix Class: patch
Reference(s): USN-1692-1
CVE-2012-6075
Version: 7
Platform(s): Ubuntu 12.10
Ubuntu 12.04
Ubuntu 11.10
Ubuntu 10.04
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18182
 
Oval ID: oval:org.mitre.oval:def:18182
Title: USN-1590-1 -- qemu-kvm vulnerability
Description: QEMU could be made to crash or run programs.
Family: unix Class: patch
Reference(s): USN-1590-1
CVE-2012-3515
Version: 7
Platform(s): Ubuntu 12.04
Ubuntu 11.10
Ubuntu 11.04
Ubuntu 10.04
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18314
 
Oval ID: oval:org.mitre.oval:def:18314
Title: DSA-2607-1 qemu-kvm - buffer overflow
Description: It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).
Family: unix Class: patch
Reference(s): DSA-2607-1
CVE-2012-6075
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18326
 
Oval ID: oval:org.mitre.oval:def:18326
Title: DSA-2542-1 qemu-kvm - multiple
Description: Multiple vulnerabilities have been discovered in KVM, a full virtualization solution on x86 hardware.
Family: unix Class: patch
Reference(s): DSA-2542-1
CVE-2012-2652
CVE-2012-3515
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18567
 
Oval ID: oval:org.mitre.oval:def:18567
Title: DSA-2619-1 xen-qemu-dm-4.0 - buffer overflow
Description: A buffer overflow was found in the e1000 emulation, which could be triggered when processing jumbo frames.
Family: unix Class: patch
Reference(s): DSA-2619-1
CVE-2012-6075
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen-qemu-dm-4.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:18625
 
Oval ID: oval:org.mitre.oval:def:18625
Title: DSA-2501-1 xen - several
Description: Several vulnerabilities were discovered in Xen, a hypervisor.
Family: unix Class: patch
Reference(s): DSA-2501-1
CVE-2012-0217
CVE-2012-0218
CVE-2012-2934
Version: 7
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19281
 
Oval ID: oval:org.mitre.oval:def:19281
Title: CRITICAL PATCH UPDATE OCTOBER 2012
Description: The x86-64 kernel system-call functionality in Xen 4.1.2 and earlier, as used in Citrix XenServer 6.0.2 and earlier and other products; Oracle Solaris 11 and earlier; illumos before r13724; Joyent SmartOS before 20120614T184600Z; FreeBSD before 9.0-RELEASE-p3; NetBSD 6.0 Beta and earlier; Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1; and possibly other operating systems, when running on an Intel processor, incorrectly uses the sysret path in cases where a certain address is not a canonical address, which allows local users to gain privileges via a crafted application. NOTE: because this issue is due to incorrect use of the Intel specification, it should have been split into separate identifiers; however, there was some value in preserving the original mapping of the multi-codebase coordinated-disclosure effort to a single identifier.
Family: unix Class: vulnerability
Reference(s): CVE-2012-0217
Version: 3
Platform(s): Sun Solaris 10
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19782
 
Oval ID: oval:org.mitre.oval:def:19782
Title: DSA-2531-1 xen - several
Description: Several denial-of-service vulnerabilities have been discovered in Xen, the popular virtualization software.
Family: unix Class: patch
Reference(s): DSA-2531-1
CVE-2012-3432
CVE-2012-3433
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19816
 
Oval ID: oval:org.mitre.oval:def:19816
Title: DSA-2636-1 xen - several
Description: Multiple vulnerabilities have been discovered in the Xen hypervisor.
Family: unix Class: patch
Reference(s): DSA-2636-1
CVE-2012-4544
CVE-2012-5511
CVE-2012-5634
CVE-2013-0153
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19838
 
Oval ID: oval:org.mitre.oval:def:19838
Title: DSA-2662-1 xen - several
Description: Multiple vulnerabilities have been discovered in the Xen hypervisor.
Family: unix Class: patch
Reference(s): DSA-2662-1
CVE-2013-1917
CVE-2013-1919
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19861
 
Oval ID: oval:org.mitre.oval:def:19861
Title: DSA-2508-1 kfreebsd-8 - privilege escalation
Description: Rafal Wojtczuk from Bromium discovered that FreeBSD wasn't correctly handling uncanonical return addresses on Intel amd64 CPUs, allowing privilege escalation to kernel for local users.
Family: unix Class: patch
Reference(s): DSA-2508-1
CVE-2012-0217
Version: 5
Platform(s): Debian GNU/kFreeBSD 6.0
Product(s): kfreebsd-8
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19921
 
Oval ID: oval:org.mitre.oval:def:19921
Title: DSA-2608-1 qemu - buffer overflow
Description: It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames (which it will by default).
Family: unix Class: patch
Reference(s): DSA-2608-1
CVE-2012-6075
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): qemu
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19980
 
Oval ID: oval:org.mitre.oval:def:19980
Title: DSA-2545-1 qemu - multiple
Description: Multiple vulnerabilities have been discovered in QEMU, a fast processor emulator.
Family: unix Class: patch
Reference(s): DSA-2545-1
CVE-2012-2652
CVE-2012-3515
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): qemu
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20046
 
Oval ID: oval:org.mitre.oval:def:20046
Title: DSA-2666-1 xen - several
Description: Multiple vulnerabilities have been discovered in the Xen hypervisor.
Family: unix Class: patch
Reference(s): DSA-2666-1
CVE-2013-1918
CVE-2013-1952
CVE-2013-1964
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/Linux 7
Debian GNU/kFreeBSD 6.0
Debian GNU/kFreeBSD 7
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20053
 
Oval ID: oval:org.mitre.oval:def:20053
Title: DSA-2543-1 xen-qemu-dm-4.0 - multiple
Description: Multiple vulnerabilities have been discovered in xen-qemu-dm-4.0, the Xen QEMU Device Model virtual machine hardware emulator.
Family: unix Class: patch
Reference(s): DSA-2543-1
CVE-2012-3515
CVE-2012-4411
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen-qemu-dm-4.0
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20155
 
Oval ID: oval:org.mitre.oval:def:20155
Title: DSA-2582-1 xen - denial of service
Description: Multiple denial of service vulnerabilities have been discovered in the Xen Hypervisor. One of the issues (CVE-2012-5513, http://security-tracker.debian.org/tracker/CVE-2012-5513) could even lead to privilege escalation from guest to host.
Family: unix Class: patch
Reference(s): DSA-2582-1
CVE-2011-3131
CVE-2012-4535
CVE-2012-4537
CVE-2012-4538
CVE-2012-4539
CVE-2012-5510
CVE-2012-5513
CVE-2012-5514
CVE-2012-5515
Version: 5
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20229
 
Oval ID: oval:org.mitre.oval:def:20229
Title: VMware ESXi and ESX updates to third party library and ESX Service Console
Description: Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2901
Version: 4
Platform(s): VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20368
 
Oval ID: oval:org.mitre.oval:def:20368
Title: RHSA-2013:0168: kernel security and bug fix update (Moderate)
Description: The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
Family: unix Class: patch
Reference(s): RHSA-2013:0168-00
CESA-2013:0168
CVE-2012-1568
CVE-2012-4444
CVE-2012-5515
Version: 45
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20711
 
Oval ID: oval:org.mitre.oval:def:20711
Title: RHSA-2013:0609: qemu-kvm security update (Important)
Description: Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Family: unix Class: patch
Reference(s): RHSA-2013:0609-01
CESA-2013:0609
CVE-2012-6075
Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20761
 
Oval ID: oval:org.mitre.oval:def:20761
Title: RHSA-2013:0847: kernel security and bug fix update (Moderate)
Description: The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.
Family: unix Class: patch
Reference(s): RHSA-2013:0847-00
CESA-2013:0847
CVE-2013-0153
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21097
 
Oval ID: oval:org.mitre.oval:def:21097
Title: RHSA-2013:0599: xen security update (Important)
Description: Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Family: unix Class: patch
Reference(s): RHSA-2013:0599-00
CESA-2013:0599
CVE-2012-6075
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21145
 
Oval ID: oval:org.mitre.oval:def:21145
Title: RHSA-2012:1236: xen security update (Important)
Description: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Family: unix Class: patch
Reference(s): RHSA-2012:1236-00
CESA-2012:1236
CVE-2012-3515
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21157
 
Oval ID: oval:org.mitre.oval:def:21157
Title: RHSA-2013:0608: kvm security update (Important)
Description: Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Family: unix Class: patch
Reference(s): RHSA-2013:0608-00
CESA-2013:0608
CVE-2012-6075
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21200
 
Oval ID: oval:org.mitre.oval:def:21200
Title: RHSA-2011:1212: kernel security and bug fix update (Important)
Description: Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
Family: unix Class: patch
Reference(s): RHSA-2011:1212-01
CESA-2011:1212
CVE-2011-2482
CVE-2011-2491
CVE-2011-2495
CVE-2011-2517
CVE-2011-2519
CVE-2011-2901
Version: 81
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21233
 
Oval ID: oval:org.mitre.oval:def:21233
Title: RHSA-2012:1540: kernel security, bug fix, and enhancement update (Important)
Description: The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.
Family: unix Class: patch
Reference(s): RHSA-2012:1540-00
CESA-2012:1540
CVE-2012-2372
CVE-2012-3552
CVE-2012-4508
CVE-2012-4535
CVE-2012-4537
CVE-2012-5513
Version: 81
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21347
 
Oval ID: oval:org.mitre.oval:def:21347
Title: RHSA-2012:0721: kernel security update (Important)
Description: Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217.
Family: unix Class: patch
Reference(s): RHSA-2012:0721-00
CESA-2012:0721
CVE-2012-0217
CVE-2012-2934
Version: 29
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21464
 
Oval ID: oval:org.mitre.oval:def:21464
Title: RHSA-2012:1235: kvm security update (Important)
Description: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Family: unix Class: patch
Reference(s): RHSA-2012:1235-00
CESA-2012:1235
CVE-2012-3515
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21575
 
Oval ID: oval:org.mitre.oval:def:21575
Title: RHSA-2012:1234: qemu-kvm security update (Important)
Description: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Family: unix Class: patch
Reference(s): RHSA-2012:1234-01
CESA-2012:1234
CVE-2012-3515
Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22862
 
Oval ID: oval:org.mitre.oval:def:22862
Title: ELSA-2012:1235: kvm security update (Important)
Description: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Family: unix Class: patch
Reference(s): ELSA-2012:1235-00
CVE-2012-3515
Version: 6
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22895
 
Oval ID: oval:org.mitre.oval:def:22895
Title: ELSA-2012:0721: kernel security update (Important)
Description: Xen 4.0, and 4.1, when running a 64-bit PV guest on "older" AMD CPUs, does not properly protect against a certain AMD processor bug, which allows local guest OS users to cause a denial of service (host hang) via sequential execution of instructions across a non-canonical boundary, a different vulnerability than CVE-2012-0217.
Family: unix Class: patch
Reference(s): ELSA-2012:0721-00
CVE-2012-0217
CVE-2012-2934
Version: 13
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22963
 
Oval ID: oval:org.mitre.oval:def:22963
Title: ELSA-2013:0599: xen security update (Important)
Description: Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Family: unix Class: patch
Reference(s): ELSA-2013:0599-00
CVE-2012-6075
Version: 6
Platform(s): Oracle Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22996
 
Oval ID: oval:org.mitre.oval:def:22996
Title: ELSA-2012:1236: xen security update (Important)
Description: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Family: unix Class: patch
Reference(s): ELSA-2012:1236-00
CVE-2012-3515
Version: 6
Platform(s): Oracle Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23060
 
Oval ID: oval:org.mitre.oval:def:23060
Title: ELSA-2013:0608: kvm security update (Important)
Description: Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Family: unix Class: patch
Reference(s): ELSA-2013:0608-00
CVE-2012-6075
Version: 6
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23068
 
Oval ID: oval:org.mitre.oval:def:23068
Title: ELSA-2012:1540: kernel security, bug fix, and enhancement update (Important)
Description: The XENMEM_exchange handler in Xen 4.2 and earlier does not properly check the memory address, which allows local PV guest OS administrators to cause a denial of service (crash) or possibly gain privileges via unspecified vectors that overwrite memory in the hypervisor reserved range.
Family: unix Class: patch
Reference(s): ELSA-2012:1540-00
CVE-2012-2372
CVE-2012-3552
CVE-2012-4508
CVE-2012-4535
CVE-2012-4537
CVE-2012-5513
Version: 29
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23293
 
Oval ID: oval:org.mitre.oval:def:23293
Title: ELSA-2011:1212: kernel security and bug fix update (Important)
Description: Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
Family: unix Class: patch
Reference(s): ELSA-2011:1212-01
CVE-2011-2482
CVE-2011-2491
CVE-2011-2495
CVE-2011-2517
CVE-2011-2519
CVE-2011-2901
Version: 29
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23456
 
Oval ID: oval:org.mitre.oval:def:23456
Title: ELSA-2013:0168: kernel security and bug fix update (Moderate)
Description: The (1) XENMEM_decrease_reservation, (2) XENMEM_populate_physmap, and (3) XENMEM_exchange hypercalls in Xen 4.2 and earlier allow local guest administrators to cause a denial of service (long loop and hang) via a crafted extent_order value.
Family: unix Class: patch
Reference(s): ELSA-2013:0168-00
CVE-2012-1568
CVE-2012-4444
CVE-2012-5515
Version: 17
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23522
 
Oval ID: oval:org.mitre.oval:def:23522
Title: ELSA-2013:0847: kernel security and bug fix update (Moderate)
Description: The AMD IOMMU support in Xen 4.2.x, 4.1.x, 3.3, and other versions, when using AMD-Vi for PCI passthrough, uses the same interrupt remapping table for the host and all guests, which allows guests to cause a denial of service by injecting an interrupt into other guests.
Family: unix Class: patch
Reference(s): ELSA-2013:0847-00
CVE-2013-0153
Version: 6
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23955
 
Oval ID: oval:org.mitre.oval:def:23955
Title: ELSA-2012:1234: qemu-kvm security update (Important)
Description: Qemu, as used in Xen 4.0, 4.1 and possibly other products, when emulating certain devices with a virtual console backend, allows local OS guest users to gain privileges via a crafted escape VT100 sequence that triggers the overwrite of a "device model's address space."
Family: unix Class: patch
Reference(s): ELSA-2012:1234-01
CVE-2012-3515
Version: 6
Platform(s): Oracle Linux 6
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24076
 
Oval ID: oval:org.mitre.oval:def:24076
Title: ELSA-2013:0609: qemu-kvm security update (Important)
Description: Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
Family: unix Class: patch
Reference(s): ELSA-2013:0609-01
CVE-2012-6075
Version: 6
Platform(s): Oracle Linux 6
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:24980
 
Oval ID: oval:org.mitre.oval:def:24980
Title: SUSE-SU-2013:1774-1 -- Security update for Xen
Description: XEN has been updated to version 4.2.3 c/s 26170, fixing various bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1774-1
CVE-2013-4416
CVE-2013-4355
CVE-2013-4361
CVE-2013-4368
CVE-2013-4369
CVE-2013-4370
CVE-2013-4371
CVE-2013-4375
CVE-2013-1442
CVE-2013-1432
CVE-2013-1918
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25115
 
Oval ID: oval:org.mitre.oval:def:25115
Title: SUSE-SU-2014:0446-1 -- Security update for Xen
Description: The SUSE Linux Enterprise Server 11 Service Pack 1 LTSS Xen hypervisor and toolset have been updated to fix various security issues and some bugs.
Family: unix Class: patch
Reference(s): SUSE-SU-2014:0446-1
CVE-2014-1894
CVE-2014-1892
CVE-2014-1893
CVE-2014-1891
CVE-2013-6885
CVE-2013-4554
CVE-2013-4553
CVE-2013-4494
CVE-2013-4368
CVE-2013-4361
CVE-2013-4355
CVE-2013-1442
CVE-2013-4329
CVE-2013-2212
CVE-2013-1918
CVE-2013-1432
CVE-2013-2211
CVE-2013-2072
CVE-2013-2196
CVE-2013-2194
CVE-2013-2195
CVE-2013-2077
CVE-2013-2076
CVE-2006-1056
CVE-2013-1964
CVE-2013-1952
CVE-2013-1920
CVE-2013-1919
CVE-2013-1917
CVE-2012-6075
CVE-2013-0154
CVE-2013-0153
CVE-2012-5634
CVE-2012-5515
CVE-2012-5514
CVE-2012-5513
CVE-2012-6333
CVE-2012-5511
CVE-2012-5510
CVE-2012-4544
CVE-2012-4539
CVE-2012-4538
CVE-2012-4537
CVE-2012-4535
CVE-2012-4411
CVE-2007-0998
CVE-2012-3497
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
Product(s): Xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25689
 
Oval ID: oval:org.mitre.oval:def:25689
Title: SUSE-SU-2013:1075-1 -- Security update for Xen
Description: XEN has been updated to 4.1.5 c/s 23509 to fix various bugs and security issues.
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1075-1
CVE-2013-1918
CVE-2013-1952
CVE-2013-2076
CVE-2013-2077
CVE-2013-2078
CVE-2013-2072
CVE-2013-1917
CVE-2013-1919
CVE-2013-1920
CVE-2013-1964
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:25878
 
Oval ID: oval:org.mitre.oval:def:25878
Title: SUSE-SU-2013:1314-1 -- Security update for Xen
Description: The Xen hypervisor and toolset has been updated to 4.2.2_06 to fix various bugs and security issues: The following security issues have been addressed: * CVE-2013-2194: Various integer overflows in the ELF loader were fixed. (XSA-55) * CVE-2013-2195: Various pointer dereferences issues in the ELF loader were fixed. (XSA-55) * CVE-2013-2196: Various other problems in the ELF loader were fixed. (XSA-55) * CVE-2013-2078: A Hypervisor crash due to missing exception recovery on XSETBV was fixed. (XSA-54) * CVE-2013-2077: A Hypervisor crash due to missing exception recovery on XRSTOR was fixed. (XSA-53) * CVE-2013-2211: libxl allowed guest write access to sensitive console related xenstore keys. (XSA-57) * CVE-2013-2076: An information leak on XSAVE/XRSTOR capable AMD CPUs (XSA-52) was fixed, where parts of this state could leak to other VMs. Also the following bugs have been fixed: * performance issues in mirror lvm (bnc#801663) * aacraid driver panics mapping INT A when booting kernel-xen (bnc#808085) * Fully Virtualized Windows VM install failed on Ivy Bridge platforms with Xen kernel (bnc#808269) * Did not boot with i915 graphics controller with VT-d enabled (bnc#817210)
Family: unix Class: patch
Reference(s): SUSE-SU-2013:1314-1
CVE-2013-2194
CVE-2013-2195
CVE-2013-2196
CVE-2013-2078
CVE-2013-2077
CVE-2013-2211
CVE-2013-2076
Version: 3
Platform(s): SUSE Linux Enterprise Server 11
SUSE Linux Enterprise Desktop 11
Product(s): Xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27051
 
Oval ID: oval:org.mitre.oval:def:27051
Title: ELSA-2013-0168-1 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-348.1.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Family: unix Class: patch
Reference(s): ELSA-2013-0168-1
CVE-2012-1568
CVE-2012-4444
CVE-2012-5515
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27185
 
Oval ID: oval:org.mitre.oval:def:27185
Title: DEPRECATED: ELSA-2013-0599 -- xen security update (important)
Description: [3.0.3-142.el5_9.2] - e1000: discard packets that are too long if !SBP and !LPE (rhbz 910843) - e1000: discard oversized packets based on SBP|LPE (rhbz 910843)
Family: unix Class: patch
Reference(s): ELSA-2013-0599
CVE-2012-6075
Version: 4
Platform(s): Oracle Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27334
 
Oval ID: oval:org.mitre.oval:def:27334
Title: ELSA-2013-0847-1 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-348.6.1.0.1] - [oprofile] x86, mm: Add __get_user_pages_fast() [orabug 14277030] - [oprofile] export __get_user_pages_fast() function [orabug 14277030] - [oprofile] oprofile, x86: Fix nmi-unsafe callgraph support [orabug 14277030] - [oprofile] oprofile: use KM_NMI slot for kmap_atomic [orabug 14277030] - [oprofile] oprofile: i386 add get_user_pages_fast support [orabug 14277030] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [usb] USB: fix __must_check warnings in drivers/usb/core/ (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix endpoint device creation (Junxiao Bi) [orabug 14795203] - [usb] usbcore: fix refcount bug in endpoint removal (Junxiao Bi) [orabug 14795203]
Family: unix Class: patch
Reference(s): ELSA-2013-0847-1
CVE-2013-0153
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27349
 
Oval ID: oval:org.mitre.oval:def:27349
Title: DEPRECATED: ELSA-2013-0609 -- qemu-kvm security update (important)
Description: [qemu-kvm-0.12.1.2-2.355.el6_4.2] - kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910841] - kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910841] - Resolves: bz#910841 (CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-6.4.z]) [qemu-kvm-0.12.1.2-2.355.el6_4.1] - kvm-Revert-e1000-no-need-auto-negotiation-if-link-was-do.patch [bz#907397] - Resolves: bz#907397 (Patch 'e1000: no need auto-negotiation if link was down' may break e1000 guest)
Family: unix Class: patch
Reference(s): ELSA-2013-0609
CVE-2012-6075
Version: 4
Platform(s): Oracle Linux 6
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27375
 
Oval ID: oval:org.mitre.oval:def:27375
Title: ELSA-2012-1540-1 -- kernel security, bug fix, and enhancement update (important)
Description: kernel [2.6.18-308.24.1.0.1.el5] - [kernel] Initialize the local uninitialized variable stats. [orabug 14051367] - [fs] JBD:make jbd support 512B blocks correctly for ocfs2. [orabug 13477763] - [x86 ] fix fpu context corrupt when preempt in signal context [orabug 14038272] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printks when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] Patch shrink_zone to yield during severe mempressure events, avoiding hangs and evictions (John Sobecki,Chris Mason) [orabug 6086839] - [mm] Enhance shrink_zone patch allow full swap utilization, and also be NUMA-aware (John Sobecki,Chris Mason,Herbert van den Bergh) [orabug 9245919] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346]
Family: unix Class: patch
Reference(s): ELSA-2012-1540-1
CVE-2012-2372
CVE-2012-3552
CVE-2012-4508
CVE-2012-4535
CVE-2012-4537
CVE-2012-5513
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27435
 
Oval ID: oval:org.mitre.oval:def:27435
Title: DEPRECATED: ELSA-2012-1540 -- kernel security, bug fix, and enhancement update (important)
Description: kernel [2.6.18-308.24.1.el5] - Revert: [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004] [2.6.18-308.23.1.el5] - [net] bnx2x: Add remote-fault link detection (Alexander Gordeev) [870120 796905] - [net] bnx2x: Cosmetic changes (Alexander Gordeev) [870120 796905] - [net] rds-ping cause kernel panic (Alexander Gordeev) [822755 822756] {CVE-2012-2372} - [xen] add guest address range checks to XENMEM_exchange handlers (Igor Mammedov) [878033 878034] {CVE-2012-5513} - [xen] x86/physmap: Prevent incorrect updates of m2p mappings (Igor Mammedov) [870148 870149] {CVE-2012-4537} - [xen] VCPU/timer: Dos vulnerability prev overflow in calculations (Igor Mammedov) [870150 870151] {CVE-2012-4535} - [scsi] sg: fix races during device removal (Ewan Milne) [868950 861004] [2.6.18-308.22.1.el5] - [net] bonding: fix link down handling in 802.3ad mode (Andy Gospodarek) [877943 782866] [2.6.18-308.21.1.el5] - [fs] ext4: race-cond protect for convert_unwritten_extents_endio (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [fs] ext4: serialize fallocate w/ ext4_convert_unwritten_extents (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [fs] ext4: flush the i_completed_io_list during ext4_truncate (Lukas Czerner) [869910 869911] {CVE-2012-4508} - [net] WARN if struct ip_options was allocated directly by kmalloc (Jiri Pirko) [874973 872612] - [net] ipv4: add RCU protection to inet->opt (Jiri Pirko) [872113 855302] {CVE-2012-3552} - [scsi] qla2xx: Dont toggle inter bits after IRQ lines attached (Chad Dupuis) [870118 800708]
Family: unix Class: patch
Reference(s): ELSA-2012-1540
CVE-2012-2372
CVE-2012-3552
CVE-2012-4508
CVE-2012-4535
CVE-2012-4537
CVE-2012-5513
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27565
 
Oval ID: oval:org.mitre.oval:def:27565
Title: DEPRECATED: ELSA-2012-1235 -- kvm security update (important)
Description: [83-249.0.1.el5_8.5] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [83-249.el5_8.5] - kvm-console-bounds-check-whenever-changing-the-cursor-du-58.patch [bz#851255] - CVE: CVE-2012-3515 - Resolves: bz#851255 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-5.8.z])
Family: unix Class: patch
Reference(s): ELSA-2012-1235
CVE-2012-3515
Version: 4
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27571
 
Oval ID: oval:org.mitre.oval:def:27571
Title: DEPRECATED: ELSA-2013-0168 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-348.1.1] - [pci] intel-iommu: reduce max num of domains supported (Don Dutile) [886876 885125] - [fs] gfs2: Fix leak of cached directory hash table (Steven Whitehouse) [886124 831330] - [x86] mm: randomize SHLIB_BASE (Petr Matousek) [804953 804954] {CVE-2012-1568} - [net] be2net: create RSS rings even in multi-channel configs (Ivan Vecera) [884702 878209] - [net] tg3: Avoid dma read error (John Feeney) [885692 877474] - [misc] Fix unsupported hardware message (Prarit Bhargava) [885063 876587] - [net] ipv6: discard overlapping fragment (Jiri Pirko) [874837 874838] {CVE-2012-4444} - [usb] Fix serial port reference counting on hotplug remove (Don Zickus) [885700 845447] - [net] bridge: export its presence and fix bonding igmp reporting (Veaceslav Falico) [884742 843473] - [fs] nfs: move wait for server->active from put_super to kill_sb (Jeff Layton) [884708 839839] - [scsi] libfc: fix indefinite rport restart (Neil Horman) [884740 595184] - [scsi] libfc: Retry a rejected PRLI request (Neil Horman) [884740 595184] - [scsi] libfc: Fix remote port restart problem (Neil Horman) [884740 595184] - [xen] memop: limit guest specified extent order (Laszlo Ersek) [878449 878450] {CVE-2012-5515} - [xen] get bottom of EBDA from the multiboot data structure (Paolo Bonzini) [885062 881885]
Family: unix Class: patch
Reference(s): ELSA-2013-0168
CVE-2012-1568
CVE-2012-4444
CVE-2012-5515
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27635
 
Oval ID: oval:org.mitre.oval:def:27635
Title: ELSA-2012-0721-1 -- kernel security update (important)
Description: kernel: [2.6.18-308.8.2.0.1.el5] - [net] bonding: fix carrier detect when bond is down [orabug 12377284] - [mm] fix hugetlb page leak (Dave McCracken) [orabug 12375075] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - [net] net: Redo the broken redhat netconsole over bonding (Tina Yang) [orabug 12740042] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] [2.6.18-308.8.2.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970]
Family: unix Class: patch
Reference(s): ELSA-2012-0721-1
CVE-2012-0217
CVE-2012-2934
Version: 5
Platform(s): Oracle Linux 5
Product(s): kernel
ocfs2
oracleasm
kernel-PAE
kernel-PAE-devel
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-xen
kernel-xen-devel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27641
 
Oval ID: oval:org.mitre.oval:def:27641
Title: DEPRECATED: ELSA-2013-0608 -- kvm security update (important)
Description: [kvm-83-262.0.1.el5_9.1] - Added kvm-add-oracle-workaround-for-libvirt-bug.patch - Added kvm-Introduce-oel-machine-type.patch [kvm-83-262.el5_1] - kvm-e1000-Discard-packets-that-are-too-long-if-SBP-and-L.patch [bz#910839] - kvm-e1000-Discard-oversized-packets-based-on-SBP-LPE.patch [bz#910839] - Resolves: bz#910839 (CVE-2012-6075 qemu (e1000 device driver): Buffer overflow when processing large packets when SBP and LPE flags are disabled [rhel-5.9.z])
Family: unix Class: patch
Reference(s): ELSA-2013-0608
CVE-2012-6075
Version: 4
Platform(s): Oracle Linux 5
Product(s): kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27662
 
Oval ID: oval:org.mitre.oval:def:27662
Title: DEPRECATED: ELSA-2013-0847 -- kernel security and bug fix update (moderate)
Description: kernel [2.6.18-348.6.1] - [char] ipmi: use a tasklet for handling received messages (Tony Camuso) [953435 947732] - [char] ipmi: do run_to_completion properly in deliver_recv_msg (Tony Camuso) [953435 947732] - [fs] nfs4: fix locking around cl_state_owners list (Dave Wysochanski) [954296 948317] - [fs] nfs: Fix bugs on short read (Sachin Prabhu) [952098 924011] - [xen] AMD IOMMU: spot missing IO-APIC entries in IVRS table (Igor Mammedov) [910912 910913] {CVE-2013-0153} - [xen] AMD, IOMMU: Make per-device interrupt remap table default (Igor Mammedov) [910912 910913] {CVE-2013-0153} - [xen] AMD, IOMMU: Disable IOMMU if SATA Combined mode is on (Igor Mammedov) [910912 910913] {CVE-2013-0153} - [xen] AMD, IOMMU: On creating entry clean up in remapping tables (Igor Mammedov) [910912 910913] {CVE-2013-0153} - [xen] ACPI: acpi_table_parse() should return handler's err code (Igor Mammedov) [910912 910913] {CVE-2013-0153} - [xen] introduce xzalloc() & Co (Igor Mammedov) [910912 910913] {CVE-2013-0153} - [x86] fpu: fix CONFIG_PREEMPT=y corruption of FPU stack (Prarit Bhargava) [948187 731531] - [i386] add sleazy FPU optimization (Prarit Bhargava) [948187 731531] - [x86-64] non lazy 'sleazy' fpu implementation (Prarit Bhargava) [948187 731531] [2.6.18-348.5.1] - [fs] nfs: handle getattr failure during nfsv4 open (David Jeffery) [947736 906909]
Family: unix Class: patch
Reference(s): ELSA-2013-0847
CVE-2013-0153
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27717
 
Oval ID: oval:org.mitre.oval:def:27717
Title: DEPRECATED: ELSA-2011-0496 -- xen security update (important)
Description: [3.0.3-120.el5_6.2] - Fix logic and integer overflow in xc_try_bzip2_decode() (rhbz 696938) - Fix logic and integer overflow in xc_try_lzma_decode() (rhbz 696938) - Fix integer and buffer overflows in xc_dom_probe_bzimage_kernel() (rhbz 696938)
Family: unix Class: patch
Reference(s): ELSA-2011-0496
CVE-2011-1583
CVE-2011-3262
Version: 4
Platform(s): Oracle Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27721
 
Oval ID: oval:org.mitre.oval:def:27721
Title: DEPRECATED: ELSA-2012-1234 -- qemu-kvm security update (important)
Description: [0.12.1.2-2.295.el6_3.2] - kvm-console-bounds-check-whenever-changing-the-cursor-du.patch [bz#851257] - Resolves: bz#851257 (EMBARGOED CVE-2012-3515 qemu/kvm: VT100 emulation vulnerability [rhel-6.3.z])
Family: unix Class: patch
Reference(s): ELSA-2012-1234
CVE-2012-3515
Version: 4
Platform(s): Oracle Linux 6
Product(s): qemu-kvm
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27730
 
Oval ID: oval:org.mitre.oval:def:27730
Title: DEPRECATED: ELSA-2012-0721 -- kernel security update (important)
Description: kernel: [2.6.18-308.8.2.el5] - [xen] x86_64: check address on trap handlers or guest callbacks (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86_64: Do not execute sysret with a non-canonical return address (Paolo Bonzini) [813430 813431] {CVE-2012-0217} - [xen] x86: prevent hv boot on AMD CPUs with Erratum 121 (Laszlo Ersek) [824969 824970] ocfs2: [1.4.10] - ocfs2/dlm: Cleanup mlogs in dlmthread.c dlmast.c and dlmdomain.c - ocfs2/dlm: make existing convertion precedent over new lock - ocfs2/dlm: Cleanup dlmdebug.c - ocfs2/dlm: Minor cleanup - ocfs2/dlm: Hard code the values for enums - ocfs2: Wakeup down convert thread just after clearing OCFS2 LOCK UPCONVERT FINISHING - ocfs2/dlm: Take inflight reference count for remotely mastered resources too - ocfs2/dlm: dlmlock remote needs to account for remastery - ocfs2: Add some trace log for orphan scan - ocfs2: Remove unused old id in ocfs2_commit_cache - ocfs2: Remove obsolete comments before ocfs2_start_trans - ocfs2: Initialize the bktcnt variable properly and call it bucket_count - ocfs2: Use cpu to le16 for e leaf clusters in ocfs2_bg_discontig_add_extent - ocfs2: validate bg free bits count after update - ocfs2: cluster Pin the remote node item in configfs - ocfs2: Release buffer head in case of error in ocfs2_double_lock - ocfs2: optimize ocfs2 check dir entry with unlikely() annotations - ocfs2: Little refactoring against ocfs2 iget - ocfs2: Initialize data ac might be used uninitializ - ocfs2 Skip mount recovery for hard ro mounts - ocfs2: make direntry invalid when deleting it - ocfs2: commit trans in error - ocfs2: Fix deadlock when allocating page - ocfs2: Avoid livelock in ocfs2 readpage
Family: unix Class: patch
Reference(s): ELSA-2012-0721
CVE-2012-0217
CVE-2012-2934
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27781
 
Oval ID: oval:org.mitre.oval:def:27781
Title: DEPRECATED: ELSA-2011-1212 -- kernel security and bug fix update (important)
Description: [2.6.18-274.3.1.0.1.el5] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - fix missing aio_complete() in end_io (Joel Becker) [orabug 10365195] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)
Family: unix Class: patch
Reference(s): ELSA-2011-1212
CVE-2011-2482
CVE-2011-2491
CVE-2011-2495
CVE-2011-2517
CVE-2011-2519
CVE-2011-2901
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27797
 
Oval ID: oval:org.mitre.oval:def:27797
Title: DEPRECATED: ELSA-2012-1236 -- xen security update (important)
Description: [3.0.3-135.el5_8.5] - console: Prevent escape sequence length overflow (rhbz 851253)
Family: unix Class: patch
Reference(s): ELSA-2012-1236
CVE-2012-3515
Version: 4
Platform(s): Oracle Linux 5
Product(s): xen
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29189
 
Oval ID: oval:org.mitre.oval:def:29189
Title: DSA-2636-2 -- xen -- several vulnerabilities
Description: Multiple vulnerabilities have been discovered in the Xen hypervisor.
Family: unix Class: patch
Reference(s): DSA-2636-2
CVE-2012-4544
CVE-2012-5511
CVE-2012-5634
CVE-2013-0153
Version: 3
Platform(s): Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): xen
Definition Synopsis:

CPE : Common Platform Enumeration

Type Description Count
Application 4
Application 18
Application 2
Application 94
Application 2
Application 16
Os 5
Os 2
Os 3
Os 289
Os 1
Os 1
Os 2
Os 1
Os 1
Os 1
Os 74
Os 3
Os 2
Os 3
Os 2
Os 2
Os 2
Os 42
Os 2
Os 6
Os 2
Os 60

OpenVAS Exploits

Date Description
2013-09-18 Name : Debian Security Advisory DSA 2582-1 (xen - several vulnerabilities)
File : nvt/deb_2582_1.nasl
2012-12-18 Name : Fedora Update for xen FEDORA-2012-19828
File : nvt/gb_fedora_2012_19828_xen_fc16.nasl
2012-12-14 Name : Fedora Update for xen FEDORA-2012-19717
File : nvt/gb_fedora_2012_19717_xen_fc17.nasl
2012-12-13 Name : SuSE Update for XEN openSUSE-SU-2012:1572-1 (XEN)
File : nvt/gb_suse_2012_1572_1.nasl
2012-12-13 Name : SuSE Update for xen openSUSE-SU-2012:0886-1 (xen)
File : nvt/gb_suse_2012_0886_1.nasl
2012-12-13 Name : SuSE Update for qemu openSUSE-SU-2012:1170-1 (qemu)
File : nvt/gb_suse_2012_1170_1.nasl
2012-12-13 Name : SuSE Update for Security openSUSE-SU-2012:1174-1 (Security)
File : nvt/gb_suse_2012_1174_1.nasl
2012-12-13 Name : SuSE Update for Security openSUSE-SU-2012:1172-1 (Security)
File : nvt/gb_suse_2012_1172_1.nasl
2012-12-06 Name : CentOS Update for kernel CESA-2012:1540 centos5
File : nvt/gb_CESA-2012_1540_kernel_centos5.nasl
2012-12-06 Name : RedHat Update for kernel RHSA-2012:1540-01
File : nvt/gb_RHSA-2012_1540-01_kernel.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18242
File : nvt/gb_fedora_2012_18242_xen_fc17.nasl
2012-11-23 Name : Fedora Update for xen FEDORA-2012-18249
File : nvt/gb_fedora_2012_18249_xen_fc16.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17204
File : nvt/gb_fedora_2012_17204_xen_fc17.nasl
2012-11-15 Name : Fedora Update for xen FEDORA-2012-17408
File : nvt/gb_fedora_2012_17408_xen_fc16.nasl
2012-11-15 Name : CentOS Update for kernel CESA-2012:1445 centos5
File : nvt/gb_CESA-2012_1445_kernel_centos5.nasl
2012-11-15 Name : RedHat Update for kernel RHSA-2012:1445-01
File : nvt/gb_RHSA-2012_1445-01_kernel.nasl
2012-10-19 Name : Fedora Update for qemu FEDORA-2012-15606
File : nvt/gb_fedora_2012_15606_qemu_fc16.nasl
2012-10-16 Name : Fedora Update for qemu FEDORA-2012-15740
File : nvt/gb_fedora_2012_15740_qemu_fc17.nasl
2012-10-03 Name : Ubuntu Update for qemu-kvm USN-1590-1
File : nvt/gb_ubuntu_USN_1590_1.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13434
File : nvt/gb_fedora_2012_13434_xen_fc17.nasl
2012-09-22 Name : Fedora Update for xen FEDORA-2012-13443
File : nvt/gb_fedora_2012_13443_xen_fc16.nasl
2012-09-15 Name : Debian Security Advisory DSA 2543-1 (xen-qemu-dm-4.0)
File : nvt/deb_2543_1.nasl
2012-09-15 Name : Debian Security Advisory DSA 2542-1 (qemu-kvm)
File : nvt/deb_2542_1.nasl
2012-09-15 Name : Debian Security Advisory DSA 2544-1 (xen)
File : nvt/deb_2544_1.nasl
2012-09-15 Name : Debian Security Advisory DSA 2545-1 (qemu)
File : nvt/deb_2545_1.nasl
2012-09-07 Name : RedHat Update for qemu-kvm RHSA-2012:1234-01
File : nvt/gb_RHSA-2012_1234-01_qemu-kvm.nasl
2012-09-07 Name : RedHat Update for xen RHSA-2012:1236-01
File : nvt/gb_RHSA-2012_1236-01_xen.nasl
2012-09-07 Name : CentOS Update for xen CESA-2012:1236 centos5
File : nvt/gb_CESA-2012_1236_xen_centos5.nasl
2012-09-07 Name : CentOS Update for kmod-kvm CESA-2012:1235 centos5
File : nvt/gb_CESA-2012_1235_kmod-kvm_centos5.nasl
2012-09-07 Name : CentOS Update for qemu-guest-agent CESA-2012:1234 centos6
File : nvt/gb_CESA-2012_1234_qemu-guest-agent_centos6.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-9386
File : nvt/gb_fedora_2012_9386_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11182
File : nvt/gb_fedora_2012_11182_xen_fc17.nasl
2012-08-30 Name : Fedora Update for xen FEDORA-2012-11755
File : nvt/gb_fedora_2012_11755_xen_fc17.nasl
2012-08-30 Name : Debian Security Advisory DSA 2531-1 (xen)
File : nvt/deb_2531_1.nasl
2012-08-24 Name : Fedora Update for xen FEDORA-2012-11785
File : nvt/gb_fedora_2012_11785_xen_fc16.nasl
2012-08-10 Name : Debian Security Advisory DSA 2501-1 (xen)
File : nvt/deb_2501_1.nasl
2012-08-10 Name : Debian Security Advisory DSA 2508-1 (kfreebsd-8)
File : nvt/deb_2508_1.nasl
2012-08-10 Name : FreeBSD Ports: FreeBSD
File : nvt/freebsd_FreeBSD16.nasl
2012-08-06 Name : Fedora Update for xen FEDORA-2012-11190
File : nvt/gb_fedora_2012_11190_xen_fc16.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0721 centos5
File : nvt/gb_CESA-2012_0721_kernel_centos5.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1212 centos5 x86_64
File : nvt/gb_CESA-2011_1212_kernel_centos5_x86_64.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9399
File : nvt/gb_fedora_2012_9399_xen_fc16.nasl
2012-06-28 Name : Fedora Update for xen FEDORA-2012-9430
File : nvt/gb_fedora_2012_9430_xen_fc15.nasl
2012-06-15 Name : RedHat Update for kernel RHSA-2012:0721-01
File : nvt/gb_RHSA-2012_0721-01_kernel.nasl
2012-06-13 Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
File : nvt/secpod_ms12-042.nasl
2012-03-15 Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2012-02-11 Name : Debian Security Advisory DSA 2337-1 (xen)
File : nvt/deb_2337_1.nasl
2011-09-23 Name : CentOS Update for kernel CESA-2011:1212 centos5 i386
File : nvt/gb_CESA-2011_1212_kernel_centos5_i386.nasl
2011-09-12 Name : RedHat Update for kernel RHSA-2011:1212-01
File : nvt/gb_RHSA-2011_1212-01_kernel.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
74873 Xen x86_64__addr_ok() Macro Off-by-one Unprivileged Local Host DoS

73740 Xen Paravirtualised Guests Decompression Local DoS

Information Assurance Vulnerability Management (IAVM)

Date Description
2013-05-16 IAVM : 2013-B-0048 - Multiple Vulnerabilities in Citrix XenServer
Severity : Category I - VMSKEY : V0037950
2012-02-02 IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252

Nessus® Vulnerability Scanner

Date Description
2016-04-07 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201604-03.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2016-01-06 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL13405416.nasl - Type : ACT_GATHER_INFO
2015-06-12 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0068.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1487-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2012-1606-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2013-1774-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0411-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0446-1.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2014-0470-1.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0020.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0021.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0022.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0034.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0035.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0036.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0039.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0040.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0046.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0048.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0049.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0050.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0051.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0056.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0057.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2012-0058.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0001.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0002.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0004.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0009.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0011.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0031.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0032.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0033.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0036.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0037.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0042.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0043.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0056.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0057.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0059.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0069.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0074.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1233.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1262.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2012-1325.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0610.nasl - Type : ACT_GATHER_INFO
2014-11-08 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2013-0636.nasl - Type : ACT_GATHER_INFO
2014-08-19 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3006.nasl - Type : ACT_GATHER_INFO
2014-07-26 Name : The remote Solaris system is missing a security patch from CPU oct2012.
File : solaris_oct2012_SRU10_5.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-403.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-404.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-591.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-596.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-597.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-598.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-599.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-811.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-812.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-869.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-870.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-310.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-311.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-669.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2013-677.nasl - Type : ACT_GATHER_INFO
2013-12-20 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201311-131127.nasl - Type : ACT_GATHER_INFO
2013-11-20 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201310-131029.nasl - Type : ACT_GATHER_INFO
2013-09-28 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201309-24.nasl - Type : ACT_GATHER_INFO
2013-08-10 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201307-130714.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10136.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10247.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10908.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10929.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-10941.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-11768.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-11785.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-11837.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-11871.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-11874.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Fedora host is missing a security update.
File : fedora_2013-9986.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-0496.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1212.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0721-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0721.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1234.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1235.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1236.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1540-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-1540.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0168-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0168.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0599.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0608.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0609.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0847-1.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2013-0847.nasl - Type : ACT_GATHER_INFO
2013-06-26 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201305-130531.nasl - Type : ACT_GATHER_INFO
2013-05-23 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130521_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0847.nasl - Type : ACT_GATHER_INFO
2013-05-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0847.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Fedora host is missing a security update.
File : fedora_2013-7426.nasl - Type : ACT_GATHER_INFO
2013-05-15 Name : The remote Fedora host is missing a security update.
File : fedora_2013-7432.nasl - Type : ACT_GATHER_INFO
2013-05-13 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2666.nasl - Type : ACT_GATHER_INFO
2013-05-10 Name : The remote Fedora host is missing a security update.
File : fedora_2013-7406.nasl - Type : ACT_GATHER_INFO
2013-05-05 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6641.nasl - Type : ACT_GATHER_INFO
2013-05-05 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6723.nasl - Type : ACT_GATHER_INFO
2013-04-30 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6211.nasl - Type : ACT_GATHER_INFO
2013-04-26 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6185.nasl - Type : ACT_GATHER_INFO
2013-04-26 Name : The remote Fedora host is missing a security update.
File : fedora_2013-6221.nasl - Type : ACT_GATHER_INFO
2013-04-22 Name : The remote Fedora host is missing a security update.
File : fedora_2013-5315.nasl - Type : ACT_GATHER_INFO
2013-04-20 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2013-121.nasl - Type : ACT_GATHER_INFO
2013-04-19 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2662.nasl - Type : ACT_GATHER_INFO
2013-04-14 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4927.nasl - Type : ACT_GATHER_INFO
2013-04-14 Name : The remote Fedora host is missing a security update.
File : fedora_2013-4952.nasl - Type : ACT_GATHER_INFO
2013-04-04 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-130313.nasl - Type : ACT_GATHER_INFO
2013-03-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0608.nasl - Type : ACT_GATHER_INFO
2013-03-10 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0609.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0608.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0609.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130306_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130307_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-03-08 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130307_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2013-03-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0599.nasl - Type : ACT_GATHER_INFO
2013-03-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0599.nasl - Type : ACT_GATHER_INFO
2013-03-04 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2636.nasl - Type : ACT_GATHER_INFO
2013-02-19 Name : The remote Fedora host is missing a security update.
File : fedora_2013-2225.nasl - Type : ACT_GATHER_INFO
2013-02-18 Name : The remote Fedora host is missing a security update.
File : fedora_2013-2002.nasl - Type : ACT_GATHER_INFO
2013-02-11 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2619.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1269.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1274.nasl - Type : ACT_GATHER_INFO
2013-02-04 Name : The remote Fedora host is missing a security update.
File : fedora_2013-1434.nasl - Type : ACT_GATHER_INFO
2013-01-29 Name : The remote Fedora host is missing a security update.
File : fedora_2013-0934.nasl - Type : ACT_GATHER_INFO
2013-01-28 Name : The remote Fedora host is missing a security update.
File : fedora_2013-0965.nasl - Type : ACT_GATHER_INFO
2013-01-28 Name : The remote Fedora host is missing a security update.
File : fedora_2013-0971.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing a security update.
File : suse_11_kvm-120831.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_libvirt-201211-121102.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-121205.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201206-120606.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201208-120803.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201208-120805.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201209-120829.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201209-120831.nasl - Type : ACT_GATHER_INFO
2013-01-25 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_xen-201211-121102.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2013-0168.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1813.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0720.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1234.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1235.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20130122_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2013-01-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-0608.nasl - Type : ACT_GATHER_INFO
2013-01-23 Name : The remote Fedora host is missing a security update.
File : fedora_2013-0627.nasl - Type : ACT_GATHER_INFO
2013-01-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2013-0168.nasl - Type : ACT_GATHER_INFO
2013-01-17 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1692-1.nasl - Type : ACT_GATHER_INFO
2013-01-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2607.nasl - Type : ACT_GATHER_INFO
2013-01-16 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2608.nasl - Type : ACT_GATHER_INFO
2012-12-17 Name : The remote Fedora host is missing a security update.
File : fedora_2012-19828.nasl - Type : ACT_GATHER_INFO
2012-12-13 Name : The remote Fedora host is missing a security update.
File : fedora_2012-19717.nasl - Type : ACT_GATHER_INFO
2012-12-12 Name : The remote Fedora host is missing a security update.
File : fedora_2012-19652.nasl - Type : ACT_GATHER_INFO
2012-12-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2582.nasl - Type : ACT_GATHER_INFO
2012-12-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1540.nasl - Type : ACT_GATHER_INFO
2012-12-07 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20121204_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-12-05 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1540.nasl - Type : ACT_GATHER_INFO
2012-12-05 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-8379.nasl - Type : ACT_GATHER_INFO
2012-11-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-18146.nasl - Type : ACT_GATHER_INFO
2012-11-23 Name : The remote Fedora host is missing a security update.
File : fedora_2012-18242.nasl - Type : ACT_GATHER_INFO
2012-11-23 Name : The remote Fedora host is missing a security update.
File : fedora_2012-18249.nasl - Type : ACT_GATHER_INFO
2012-11-19 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-201211-8359.nasl - Type : ACT_GATHER_INFO
2012-10-17 Name : The remote Fedora host is missing a security update.
File : fedora_2012-15606.nasl - Type : ACT_GATHER_INFO
2012-10-15 Name : The remote Fedora host is missing a security update.
File : fedora_2012-15740.nasl - Type : ACT_GATHER_INFO
2012-10-03 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1590-1.nasl - Type : ACT_GATHER_INFO
2012-09-18 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13434.nasl - Type : ACT_GATHER_INFO
2012-09-18 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13443.nasl - Type : ACT_GATHER_INFO
2012-09-18 Name : The remote Fedora host is missing a security update.
File : fedora_2012-13536.nasl - Type : ACT_GATHER_INFO
2012-09-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2542.nasl - Type : ACT_GATHER_INFO
2012-09-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2543.nasl - Type : ACT_GATHER_INFO
2012-09-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2544.nasl - Type : ACT_GATHER_INFO
2012-09-10 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2545.nasl - Type : ACT_GATHER_INFO
2012-09-10 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-201209-8268.nasl - Type : ACT_GATHER_INFO
2012-09-07 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1234.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1235.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-1236.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-1236.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120905_kvm_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120905_qemu_kvm_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-09-06 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120905_xen_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-22 Name : The remote Fedora host is missing a security update.
File : fedora_2012-11755.nasl - Type : ACT_GATHER_INFO
2012-08-22 Name : The remote Fedora host is missing a security update.
File : fedora_2012-11785.nasl - Type : ACT_GATHER_INFO
2012-08-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2531.nasl - Type : ACT_GATHER_INFO
2012-08-06 Name : The remote Fedora host is missing a security update.
File : fedora_2012-11182.nasl - Type : ACT_GATHER_INFO
2012-08-06 Name : The remote Fedora host is missing a security update.
File : fedora_2012-11190.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110906_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120612_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-07-23 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2508.nasl - Type : ACT_GATHER_INFO
2012-06-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2501.nasl - Type : ACT_GATHER_INFO
2012-06-28 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_aed44c4ec06711e1b5e0000c299b62e1.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9386.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9399.nasl - Type : ACT_GATHER_INFO
2012-06-26 Name : The remote Fedora host is missing a security update.
File : fedora_2012-9430.nasl - Type : ACT_GATHER_INFO
2012-06-14 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0721.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0721.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The Windows kernel is affected by multiple elevation of privilege vulnerabili...
File : smb_nt_ms12-042.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-201206-8180.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-7699.nasl - Type : ACT_GATHER_INFO
2011-11-07 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2337.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xen-201108-7703.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO
2011-09-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO
2011-05-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-0496.nasl - Type : ACT_GATHER_INFO
2011-05-10 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-0496.nasl - Type : ACT_GATHER_INFO

Alert History

Date Information
2014-02-17 11:37:47
  • Multiple Updates
2013-10-02 21:29:33
  • Multiple Updates
2013-10-01 21:23:29
  • Multiple Updates
2013-09-28 00:19:29
  • First insertion