CVE-2008-5716
https://notcve.org/view.php?id=CVE-2008-5716
xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405. xend en Xen 3.3.0 no restringe adecuadamente el acceso de escritura de una máquina virtual invitada en el árbol de directorios xenstore /local/domain, lo que permite a usuarios del sistema operativo visitantes provocar una denegación de servicio y posiblemente tener otro impacto no especificado escribiendo en (1) console/tty, (2) console/limit, o (3) image/device-model-pid. NOTA: este problema existe debido a llamadas set_permissions erróneas en el parche para CVE-2008-4405. • http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00842.html http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00845.html http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00846.html http://lists.xensource.com/archives/html/xen-devel/2008-12/msg00847.html http://openwall.com/lists/oss-security/2008/12/19/1 http://www.securityfocus.com/bid/31499 https://exchange.xforce.ibmcloud.com/vulnerabilities/47668 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2008-4405 – Xen 3.3 - XenStore Domain Configuration Data Unsafe Storage
https://notcve.org/view.php?id=CVE-2008-4405
xend in Xen 3.0.3 does not properly limit the contents of the /local/domain xenstore directory tree, and does not properly restrict a guest VM's write access within this tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue was originally reported as an issue in libvirt 0.3.3 and xenstore, but CVE is considering the core issue to be related to Xen. libvirt v0.3.3 se basa en ficheros localizados bajo subdirectorios de /local/domain en xenstore a pesar de la falta de protección contra modificaciones introducida por Xen en máquinas virtuales invitado, lo cual permite a usuarios del sistema operativo (SO) huésped tener un impacto desconocido, como lo demostrado mediante la escritura en (1) consola de texto (console/tty) o (2) el puerto VNC para el gráfico framebuffer. • https://www.exploit-db.com/exploits/32446 http://lists.opensuse.org/opensuse-security-announce/2009-09/msg00001.html http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00992.html http://lists.xensource.com/archives/html/xen-devel/2008-09/msg00994.html http://openwall.com/lists/oss-security/2008/09/30/6 http://secunia.com/advisories/32064 http://www.mandriva.com/security/advisories?name=MDVSA-2009:016 http://www.openwall.com/lists/oss-security/2008/10/04/3 http • CWE-264: Permissions, Privileges, and Access Controls •