Citrix XenServer QEMU ioport Array Overflow Guest-to-Host Privilege Escalation (CTX219136)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a privilege escalation vulnerability.

Description :

The version of Citrix XenServer running on the remote host is missing
a security hotfix. It is, therefore, affected by a privilege
escalation vulnerability in the QEMU ioport component due to an array
overflow that is triggered during the handling of addresses in ioport
read and write look-ups. A local administrative user on the guest
system can exploit this issue to gain elevated privileges on the host
system.

See also :

https://support.citrix.com/article/CTX219136

Solution :

Apply the appropriate hotfix according to the vendor advisory.

Risk factor :

High / CVSS Base Score : 7.4
(CVSS2#AV:A/AC:M/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 5.5
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 95659 ()

Bugtraq ID: 93970

CVE ID: CVE-2016-9637

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now