|
|
>> Fedora Security Update Fixes Xen Insecure Temporary File Vulnerability
|
Title : Fedora Security Update Fixes Xen Insecure Temporary File Vulnerability
VUPEN ID : VUPEN/ADV-2007-3740
CVE ID : CVE-2007-3919
Rated as : Low Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-11-06
|
A vulnerability has been identified in Fedora, which could be exploited by local attackers to bypass security restrictions. This issue is caused by an error in Xen. For additional information, see : VUPEN/ADV-2007-3621
Affected Products
Fedora Core 6
Solution
Upgrade the affected packages :
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
fdd90270390597e8a610e0f311c2138c1c7baa80 SRPMS/xen-3.0.3-13.fc6.src.rpm
fdd90270390597e8a610e0f311c2138c1c7baa80 noarch/xen-3.0.3-13.fc6.src.rpm
8163a0a42843e72852c7f7330974229072075504 x86_64/xen-3.0.3-13.fc6.x86_64.rpm
2056553fde1257731eba7ac360d8802c1a938edb x86_64/debug/xen-debuginfo-3.0.3-13.fc6.x86_64.rpm
be95a5f72620f0dc14d3c932a32268fa8dcb3a84 x86_64/xen-libs-3.0.3-13.fc6.x86_64.rpm
4308908c4cd0950b49f8c109232a9d05f3a5b50d x86_64/xen-devel-3.0.3-13.fc6.x86_64.rpm
de7e3e494d6cb309a5bdde9637a113b0cbb398ab i386/debug/xen-debuginfo-3.0.3-13.fc6.i386.rpm
ddacf1c9cfc8d7c15f10c81234654cf4ea53027c i386/xen-3.0.3-13.fc6.i386.rpm
099b3c99d6c9efa2bf148b257b2b480f6c31e0ea i386/xen-libs-3.0.3-13.fc6.i386.rpm
4fc5028b60a1dcd857e0fb1c0e31f7be33d67ee3 i386/xen-devel-3.0.3-13.fc6.i386.rpm
References
http://www.vupen.com/english/advisories/2007/3740
https://www.redhat.com/archives/fedora-package-announce/2007-November/msg00075.html
ChangeLog
2007-11-06 : Initial release
Vulnerability Management
Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form. | |
|
