This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote Mandrake Linux host is missing a security update.
Tavis Ormandy discovered a heap overflow flaw during video-to-video
copy operations in the Cirrus VGA extension code that is used in Xen.
A malicious local administrator of a guest domain could potentially
trigger this flaw and execute arbitrary code outside of the domain
Tavis Ormandy also discovered insufficient input validation leading to
a heap overflow in the NE2000 network driver in Xen. If the driver is
in use, a malicious local administrator of a guest domain could
potentially trigger this flaw and execute arbitrary code outside of
the domain (CVE-2007-1321, CVE-2007-5729, CVE-2007-5730).
Steve Kemp found that xen-utils used insecure temporary files within
the xenmon tool that could allow local users to truncate arbitrary
Joris van Rantwijk discovered a flaw in Pygrub, which is used as a
boot loader for guest domains. A malicious local administrator of a
guest domain could create a carefully-crafted grub.conf file which
could trigger the execution of arbitrary code outside of that domain
Updated packages have been patched to prevent these issues.
Update the affected xen package.
Risk factor :
High / CVSS Base Score : 7.2
CVSS Temporal Score : 5.6
Public Exploit Available : true
Family: Mandriva Local Security Checks
Nessus Plugin ID: 27614 (mandrake_MDKSA-2007-203.nasl)
Bugtraq ID: 23731
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now