Citrix XenServer Multiple Vulnerabilities (CTX140984)
Critical Nessus Plugin ID 76771
SynopsisThe remote device is missing a vendor-supplied security patch.
DescriptionThe remote host is running a version of Citrix XenServer that is affected by multiple vulnerabilities :
- An information disclosure exists due to the Xen hypervisor's failure to properly clean memory pages.
- An unspecified vulnerability exists due to a buffer overflow in the HVM graphics console. (CVE-2014-4947)
- XenServer is affected by an unspecified denial of service and information disclosure vulnerability.
SolutionApply the relevant hotfix referenced in the advisory.