|
Fedora Xen VNC Server Host File Disclosure Security Issue
|
|
Secunia Advisory:
|
SA24575
|
|
|
Release Date:
|
2007-03-20
|
|
Popularity:
|
11,173 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Exposure of sensitive information
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Patch
|
|
| OS: | Fedora Core 5
Fedora Core 6
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
Fedora has acknowledged a security issue, which can be exploited by malicious users to gain knowledge of sensitive information.
The security issue is caused due to an error within the QEMU VNC code used by Xen for fully virtualised machines, which can be exploited to read arbitrary files on the host system.
Successful exploitation requires that the QEMU monitor mode is enabled and that the attacker has access to the VNC server.
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
