exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 1 of 1 RSS Feed

CVE-2008-4993

Status Candidate

Overview

qemu-dm.debug in Xen 3.2.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/args temporary file.

Related Files

Mandriva Linux Security Advisory 2009-016
Posted Jan 16, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-016 - Ian Jackson found a security issue in the QEMU block device drivers backend that could allow a guest operating system to issue a block device request and read or write arbitrary memory locations, which could then lead to privilege escalation. It was found that Xen allowed unprivileged DomU domains to overwrite xenstore values which should only be changeable by the privileged Dom0 domain. An attacker able to control a DomU domain could possibly use this flaw to kill arbitrary processes in Dom0 or trick a Dom0 user into accessing the text console of a different domain running on the same host. This update makes certain parts of xenstore tree read-only to unprivileged DomU domains. A vulnerability in the qemu-dm.debug script was found in how it created a temporary file in /tmp. A local attacker in Dom0 could potentially use this flaw to overwrite arbitrary files via a symlink attack. Since this script is not used in production, it has been removed from this update package. The updated packages have been patched to prevent these issues.

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2008-0928, CVE-2008-4405, CVE-2008-4993
SHA-256 | bf0f92b3794ad63079798172dc4b4074c87c0b0c4c4de75dc91b2b558aa648ce
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close