Detections
Analytics

OracleVM 2.1 : xen (OVMSA-2008-2007)

medium Nessus Plugin ID 79449

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

 - CVE-2008-1945: add image format options for USB storage and removable media

 - CVE-2008-1952: included in fix for CVE-2008-1943 (3.1.4-0.1.3.el5)

Solution

Update the affected packages.

See Also

http://www.nessus.org/u?c699757c

Plugin Details

Severity: Medium

ID: 79449

File Name: oraclevm_OVMSA-2008-2007.nasl

Version: 1.7

Type: local

Published: 11/26/2014

Updated: 1/14/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 4.9

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:xen, p-cpe:/a:oracle:vm:xen-64, p-cpe:/a:oracle:vm:xen-debugger, p-cpe:/a:oracle:vm:xen-devel, p-cpe:/a:oracle:vm:xen-pvhvm-devel, p-cpe:/a:oracle:vm:xen-tools, cpe:/o:oracle:vm_server:2.1

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Patch Publication Date: 10/3/2008

Vulnerability Publication Date: 5/14/2008

Reference Information

CVE: CVE-2008-1943, CVE-2008-1945, CVE-2008-1952

CWE: 119, 200