Citrix XenServer QEMU IDE Buffer Overflow Code Execution (CTX201593)

This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a code execution vulnerability.

Description :

The version of Citrix XenServer running on the remote host is affected
by a heap buffer overflow condition in the IDE subsystem of the
bundled QEMU software, which is related to I/O buffer access when
handling certain ATAPI commands. An attacker with sufficient
privileges in an HVM guest VM can exploit this issue to execute
arbitrary code in the context of the hypervisor process on the host
system. Note that exploitation requires the CDROM drive to be enabled
on the guest system.

See also :

https://support.citrix.com/article/CTX201593

Solution :

Apply the relevant hotfix referenced in the vendor advisory.

Risk factor :

Medium / CVSS Base Score : 6.5
(CVSS2#AV:A/AC:H/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 4.8
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 85242

Bugtraq ID: 76048

CVE ID: CVE-2015-5154
