Contact | Site en Français               

 


 

Vulnerabilities & Threats
 
  VUPEN Security Advisories
  Linux Security Advisories

  Malware Advisories
  Security Research
  Threat Watch Blog
  Zero-Day Monitor
  Search Engine
  Mailing List & RSS
 
   

>> Fedora Security Update Fixes Xen QEMU Monitor Mode File Disclosure Vulnerability

Title : Fedora Security Update Fixes Xen QEMU Monitor Mode File Disclosure Vulnerability
VUPEN ID : VUPEN/ADV-2007-1020
CVE ID : CVE-2007-0998
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-03-20

Technical Description    Receive VUPEN Security alerts in a Text format  Receive VUPEN Security alerts in a PDF format  Receive VUPEN Security alerts in an XML format 

Fedora has released security updates to address a vulnerability identified in Xen. This issue could be exploited by malicious users to gain unauthorized access to arbitrary files. For additional information, see : VUPEN/ADV-2007-1019

Affected Products

Fedora Core 5
Fedora Core 6

Solution

Upgrade the affected packages :

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

c297d6797d1ce0661faa6aba24d935dad39f802a SRPMS/xen-3.0.3-5.fc5.src.rpm
c297d6797d1ce0661faa6aba24d935dad39f802a noarch/xen-3.0.3-5.fc5.src.rpm
539fcaf6c27e935ba71438a24d73e254e10fe485 x86_64/debug/xen-debuginfo-3.0.3-5.fc5.x86_64.rpm
547908d63701c29026d4bda11aad298c0f4be761 x86_64/xen-3.0.3-5.fc5.x86_64.rpm
513513621d4fb375f982abfbe5ee78d5bc503094 i386/xen-3.0.3-5.fc5.i386.rpm
5a70730cc08d4bdc342f21e614cbe0d0e240b11c i386/debug/xen-debuginfo-3.0.3-5.fc5.i386.rpm

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

1741f962baeb775c9e2519b18aa44e2831c0585f SRPMS/xen-3.0.3-8.fc6.src.rpm
1741f962baeb775c9e2519b18aa44e2831c0585f noarch/xen-3.0.3-8.fc6.src.rpm
c384423104620e719c2ae8fa2947ede9f675d4f7 x86_64/debug/xen-debuginfo-3.0.3-8.fc6.x86_64.rpm
9f865fd4ed56c4d35382c51bd00e2019156184c5 x86_64/xen-3.0.3-8.fc6.x86_64.rpm
4b458e342a7a6e54ee4260b2cfe5fa30eceda74f x86_64/xen-libs-3.0.3-8.fc6.x86_64.rpm
1485f0bbde1c4f9cbe5fd591806007409cdc9e5c x86_64/xen-devel-3.0.3-8.fc6.x86_64.rpm
e2cac6874e958ec27d6167b23171121b3df08ae9 i386/debug/xen-debuginfo-3.0.3-8.fc6.i386.rpm
435e65f7dd61f4164200f27d72f989571578c288 i386/xen-libs-3.0.3-8.fc6.i386.rpm
6a01404d96baaae8ca45dcd35bc2af6b61dd6f08 i386/xen-devel-3.0.3-8.fc6.i386.rpm
200dc86cf82dc8a7efa6144d037bb52928adf773 i386/xen-3.0.3-8.fc6.i386.rpm

References

http://www.vupen.com/english/advisories/2007/1020
https://www.redhat.com/archives/fedora-package-announce/2007-March/msg00055.html
https://www.redhat.com/archives/fedora-package-announce/2007-March/msg00056.html

Credits

Vulnerability reported by Redhat

ChangeLog

2007-03-20 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.
 

Vulnerability Alerting

Free 14-Day Trial
 
  Latest News

 

  >> 2009-07-06

     

  Microsoft Windows 0-Day
  Flaw Exploited in the Wild


  >> 2009-06-10

     

  VUPEN Security Research
  Discovered Critical Flaws
  in Adobe Acrobat and MS
  Office Word


  >> 2009-06-02

     

  VUPEN Security Research
  Discovered Critical Flaws
  in ACDSee Products


  >> 2009-05-22

     

  VUPEN Discovered Two
  Critical Vulnerabilities in
  Novell GroupWise 8 / 7

 

 

More Informations    
    








Copyright 2003-2009 © VUPEN.COM - Privacy Policy