This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.
The remote Debian host is missing a security-related update.
Several vulnerabilities were discovered in the qemu virtualisation
It was discovered that the IDE controller emulation is
susceptible to denial of service.
Daniel P. Berrange discovered a denial of service
vulnerability in the VNC web socket decoder.
Jan Beulich discovered that unmediated PCI command
register could result in denial of service.
Jason Geffner discovered a buffer overflow in the
emulated floppy disk drive, resulting in the potential
execution of arbitrary code.
See also :
Upgrade the qemu packages.
For the oldstable distribution (wheezy), these problems have been
fixed in version 1.1.2+dfsg-6a+deb7u7 of the qemu source package and
in version 1.1.2+dfsg-6+deb7u7 of the qemu-kvm source package. Only
CVE-2015-3456 affects oldstable.
For the stable distribution (jessie), these problems have been fixed
in version 1:2.1+dfsg-12.
Risk factor :
High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.8
Public Exploit Available : true