Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3687

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2008-3687
Last Modified 07 Mar 2011 10:11:10
Published 14 Aug 2008 06:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3687

Summary

Heap-based buffer overflow in the flask_security_label function in Xen 3.3, when compiled with the XSM:FLASK module, allows unprivileged domain users (domU) to execute arbitrary code via the flask_op hypercall.

Vulnerable Systems

Application

  • Xen 3.3

  • Xen Flask Module


References

MLIST - [xen-dev] 20080718 [PATCH][XSM][FLASK] Argument handling bugs in XSM:FLASK

XF - xen-flasksecuritylabel-bo(44608)

CONFIRM - http://xenbits.xensource.com/xen-3.3-testing.hg?rev/fa66b33f975a

VUPEN - ADV-2008-2426

SECTRACK - 1020731

BID - 30834

MISC - http://theinvisiblethings.blogspot.com/2008/08/our-xen-0wning-trilogy-highlights.html

SECUNIA - 31561

MISC - http://invisiblethingslab.com/bh08/part2.pdf


Last Updated: 27 May 2016 10:48:16