FreeBSD : xen-tools -- xl command line config handling stack overflow (f1deed23-27ec-11e5-a4a5-002590263bf5)
Medium Nessus Plugin ID 84717
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionThe Xen Project reports :
The xl command line utility mishandles long configuration values when passed as command line arguments, with a buffer overrun.
A semi-trusted guest administrator or controller, who is intended to be able to partially control the configuration settings for a domain, can escalate their privileges to that of the whole host.
SolutionUpdate the affected package.