var-201401-0009
Vulnerability from variot
The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. Xen is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause the guest and host operating systems to crash, denying service to legitimate users. Hitachi JP1 products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. The following products are affected: JP1/IT Resource Management - Manager JP1/IT Service Level Management - Manager. ----------------------------------------------------------------------
Secunia is hiring!
Find your next job here:
http://secunia.com/company/jobs/
TITLE: Hitachi JP1/IT Service Level Management Unspecified Cross-Site Scripting Vulnerability
SECUNIA ADVISORY ID: SA47804
VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/47804/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=47804
RELEASE DATE: 2012-01-31
DISCUSS ADVISORY: http://secunia.com/advisories/47804/#comments
AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s)
http://secunia.com/advisories/47804/
ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS
https://ca.secunia.com/?page=viewadvisory&vuln_id=47804
ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING
http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/
DESCRIPTION: A vulnerability has been reported in Hitachi JP1/IT Service Level Management, which can be exploited by malicious people to conduct cross-site scripting attacks.
Certain unspecified input is not properly sanitised before being returned to the user.
The vulnerability is reported in version 09-50.
PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.
ORIGINAL ADVISORY: Hitachi (English): http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-005/index.html
Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-005/index.html
OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
. Summary:
Updated kernel packages that fix multiple security issues, address several hundred bugs, and add numerous enhancements are now available as part of the ongoing support and maintenance of Red Hat Enterprise Linux version 5. This is the seventh regular update.
The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64 Red Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64
- Description:
The kernel packages contain the Linux kernel, the core of any Linux operating system.
This update fixes the following security issues:
-
A flaw was found in the way the Xen hypervisor implementation handled instruction emulation during virtual machine exits. An unprivileged guest user could trigger this flaw to crash the host. This only affects systems with both an AMD x86 processor and the AMD Virtualization (AMD-V) extensions enabled. (CVE-2011-1780, Important)
-
A flaw allowed the tc_fill_qdisc() function in the Linux kernel's packet scheduler API implementation to be called on built-in qdisc structures. A local, unprivileged user could use this flaw to trigger a NULL pointer dereference, resulting in a denial of service. (CVE-2011-2525, Moderate)
-
A flaw was found in the way space was allocated in the Linux kernel's Global File System 2 (GFS2) implementation. If the file system was almost full, and a local, unprivileged user made an fallocate() request, it could result in a denial of service. Note: Setting quotas to prevent users from using all available disk space would prevent exploitation of this flaw. (CVE-2011-2689, Moderate)
These updated kernel packages include a number of bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Refer to the Red Hat Enterprise Linux 5.7 Technical Notes for information about the most significant bug fixes and enhancements included in this update:
https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Tech nical_Notes/kernel.html#RHSA-2011-1065
All Red Hat Enterprise Linux 5 users are advised to install these updated packages, which correct these issues. The system must be rebooted for this update to take effect. Solution:
Before applying this update, make sure all previously-released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/kb/docs/DOC-11259
To install kernel packages manually, use "rpm -ivh [package]". Do not use "rpm -Uvh" as that will remove the running kernel binaries from your system. You may use "rpm -e" to remove old kernels after determining that the new kernel functions properly on your system. Bugs fixed (http://bugzilla.redhat.com/):
390451 - Pick up paging performance improvements from upstream Xen 431738 - lsattr doesn't show attributes of ext3 quota files 441730 - [rhts] connectathon nfsidem test failing 452650 - [RHEL5.2]: Blktap is limited to 100 disks total 460821 - pv-on-hvm: disk shows up twice. 465876 - NMI Watchdog detected LOCKUP in :sctp:sctp_copy_local_addr_list 477032 - kdump hang on HP xw9400 481546 - HTB qdisc miscalculates bandwidth with TSO enabled 481629 - update myri10g driver from 1.3.2 to 1.5.2 491740 - export of an NFSV3 file system via kerberos requires AUTH_SYS as well 491786 - s2io should check inputs for rx_ring_sz 494927 - Read-only filesystem after 'ext3_free_blocks_sb: bit already cleared for block' errors 501314 - No beep when running xen kernel 511901 - [NFS]: silly renamed .nfs0000 files can be left on fs forever 517629 - Sequence id issue with nfs4/kerberos between RHEL kernel and Fedora 11 525898 - soft lockups with kswapd in RHEL 5.4 kernel 2.6.18-164.el5 x86_64 537277 - KERNEL: QLA2XXX 0000:0E:00.0: RISC PAUSED -- HCCR=0, DUMPING FIRMWARE! 553411 - xts crypto module missing from RHEL5 installer runtime 553803 - GFS2: recovery stuck on transaction lock 567449 - RHEL5.6: iw_cxgb4 driver inclusion 567540 - unregister_netdevice: waiting for veth5 to become free when I remove netloop 579000 - [RFE] Support L2 packets under bonding layer 579858 - Wrong RX bytes/packet count on vlan interface with igb driver 589512 - slab corruption after seeing some nfs-related BUG: warning 603345 - i5k_amb does not work for Intel 5000 Chipset (kernel) 607114 - System panic in pskb_expand_head When arp_validate option is specified in bonding ARP monitor mode 611407 - kvm guest unable to kdump without noapic 621916 - Host panic on cross-vendor migration (RHEL 5.5 guest) 622542 - Xorg failures on machines using intel video card driver 622647 - Reading /proc/locks yelds corrupt data 623979 - synch arch/i386/pci/irq-xen.c 626585 - GFS2: [RFE] fallocate support for GFS2 626974 - nfs: too many GETATTR and ACCESS calls after direct i/o 626977 - [nfs] make close(2) asynchronous when closing nfs o_direct files 627496 - Fix shrinking windows with window scaling 631950 - remove FS-Cache code from NFS 632399 - Misleading message from fs/nfs/file.c:do_vfs_lock() 633196 - testing NMI watchdog ... <4>WARNING: CPU#0: NMI appears to be stuck (62->62)! 635992 - Areca driver, arcmsr, update 637970 - GFS2: Not enough space reserved in gfs2_write_begin and possibly elsewhere. 642388 - ip_nat_ftp not working if ack for "227 Enter Passive mode" packet is lost 643292 - [netfront] ethtool -i should return proper information for netfront device 643872 - [netback] ethtool -i should return proper information for netback device 645343 - ISCSI/multipath hang - must propagate SCSI device deletion to DM mpath 645528 - SIGPROF keeps a large task from ever completing a fork() 645646 - RFE: Virtio nic should be support "ethtool -i virtio nic" 646513 - HP_GETHOSTINFO ioctl always causes mpt controller reset 648572 - virtio GSO makes IPv6 very slow 648657 - fseek()/NFS performance regression between RHEL4 and RHEL5 648854 - linux-2.6.18: netback: take net_schedule_list_lock when removing entry from net_schedule_list 651333 - RHEL5.6: EHCI: AMD periodic frame list table quirk 651409 - BAD SEQID error messages returned by the NFS server 651512 - e1000 driver tracebacks when running under VMware ESX4 652321 - jbd2_stats_proc_init has wrong location. 652369 - temporary loss of path to SAN results in persistent EIO with msync 653286 - [5.6][REG]for some uses of 'nfsservctl' system call, the kernel crashes. 653828 - bonding failover in every monitor interval with virtio-net driver 654293 - sunrpc: need a better way to set tcp_slot_table_entries in RHEL 5 656836 - Memory leak in virtio-console driver if driver probe routine fails 657166 - XFS causes kernel panic due to double free of log tickets 658012 - NMI panic during xfs forced shutdown 658418 - Kernel warning at boot: i7core_edac: probe of 0000:80:14.0 failed with error -22 659594 - Kernel panic when restart network on vlan with bonding 659715 - cifs: ia64 kernel unaligned access 659816 - Performance counters don't work on HP Magnycours machines 660368 - dm-crypt: backport changes to support xts crypto mode 660661 - fsck.gfs2 reported statfs error after gfs2_grow 660728 - [LSI 5.7 feat] Update megaraid_sas to 5.34 and Include "Thunderbolt" support 660871 - mpctl module doesn't release fasync_struct at file close 661300 - xfstest 222: filesystem on /dev/loop0 is inconsistent 661306 - [Cisco 5.7 FEAT] Update enic driver to version 2.1.1.9 661904 - GFS2: Kernel changes necessary to allow growing completely full filesystems. 663041 - gfs2 FIEMAP oops 663123 - /proc/partitions not updating after creating LUNs via hpacucli 663563 - [ext4/xfstests] 011 caused filesystem corruption after running many times in a loop 664592 - a test unit ready causes a panic on 5.6 (CCISS driver) 664931 - COW corruption using popen(3). 665197 - WARNING: APIC timer calibration may be wrong 665972 - ISVM bit (ECX:31) for CPUID 0x00000001 is missing for HVM on AMD 666080 - GFS2: Blocks not marked free on delete 666304 - scsi_dh_emc gives "error attaching hardware handler" for EMC active-active SANs 666866 - Heavy load on ath5k wireless device makes system unresponsive 667327 - lib: fix vscnprintf() if @size is == 0 667660 - [NetApp 5.7 Bug] Include new NetApp PID entry to the alua_dev_list array in the ALUA hardware handler 667810 - "modprobe ip_conntrack hashsize=NNNN" panics kernel if /etc/modprobe.conf has hashsize=MMMM 668934 - UDP transmit under VLAN causes guest freeze 669603 - incomplete local port reservation 669961 - [NetApp 5.6 Bug] Erroneous TPG ID check in SCSI ALUA Handler 670367 - scsi_dh_emc get_req function should set REQ_FAILFAST flags same as upstream and other modules 670373 - panic in kfree() due to race condition in acpi_bus_receive_event() 671238 - [bonding] crash when adding/removing slaves with master interface down 671595 - Flapping errors (and panic) with bonding and arp_interval while using be2net included in 2.6.18-238 672619 - transmission stops when tap does not consume 672724 - mmapping a read only file on a gfs2 filesystem incorrectly acquires an exclusive glock 672981 - lseek() over NFS is returning an incorrect file length under some circumstances 673058 - kernel panic in pg_init_done - pgpath already deleted 673242 - Time runs too fast in a VM on processors with > 4GHZ freq 673459 - virtio_console driver never returns from selecting for write when the queue is full 673616 - vdso gettimeofday causes a segmentation fault 674175 - Impossible to load sctp module with ipv6 disable=1 674226 - Panic in selinux_bprm_post_apply_creds() due to an empty tty_files list 674298 - [NetApp 5.6 Bug] QLogic 8G FC firmware dumps seen during IO 674514 - xenctx shows nonsensical values for 32-on-64 and HVM domains 675727 - vdso: missing wall_to_monotomic export 675986 - Fix block based fiemap 677703 - [RHEL5.5] Panic in iscsi_sw_tcp_data_ready() 677893 - [TestOnly] gfs regression testing for 5.7 beta 677902 - Incorrect "Speed" is recorded in the file "/proc/net/bonding/bondX" 678073 - qeth: allow channel path changes in recovery 678074 - [usb-audio] unable to set capture mixer levels 678359 - online disk resizing may cause data corruption 678571 - hap_gva_to_gfn_ do not preserve domain context 678618 - gdbsx hypervisor part backport 679120 - qeth: remove needless IPA-commands in offline 679407 - [5.7] niu: Fix races between up/down and get_stats. 679487 - [5.7] net: Fix netdev_run_todo serialization 680329 - sunrpc: reconnect race can lead to socket read corruption 681303 - backport vzalloc and vzalloc_node in support of drivers needing these functions 681586 - Out of vmalloc space 683155 - gfs2: creating large files suddenly slow to a crawl 683978 - need to backport common vpd infrastructure to rhel 5 684795 - missed unlock_page() in gfs2_write_begin() 688646 - intel_iommu domain id exhaustion 688989 - [5.6] sysctl tcp_syn_retries is not honored 689860 - guest with passthrough nic got kernel panic when send system_reset signal in QEMU monitor 689943 - GFS2 causes kernel panic in spectator mode 690555 - GFS2: resource group bitmap corruption resulting in panics and withdraws 692946 - need to backport debugfs_remove_recursive functionality 695357 - dasd: fix race between open and offline 696411 - Missing patch for full use of tcp_rto_min parameter 698432 - [Emulex 5.7] Update lpfc driver to version 8.2.0.96.1p 698879 - The pci resource for vf is not released after hot-removing Intel 82576 NIC 700546 - RHEL5: apparent file system corruption of snapshot fs with qla2xxx driver 702355 - NFS: Fix build break with CONFIG_NFS_V4=n 702652 - provide option to disable HPET 702657 - CVE-2011-1780 kernel: xen: svm: insufficiencies in handling emulated instructions during vm exits 703213 - GFS2: Add "dlm callback owed" glock flag 703416 - host kernel panic while guest running on 10G public bridge. 704497 - VT-d: Fix resource leaks on error paths in intremap code 705324 - cifs: regression in unicode conversion routines when mounting with -o mapchars 705455 - intel-iommu: missing flush prior to removing domains + avoid broken vm/si domain unlinking 705725 - hvm guest time may go backwards on some hosts 706414 - Adding slave to balance-tlb bond device results in soft lockup 709224 - setfacl does not update ctime when changing file permission on ext3/4 711450 - 12% degradation running IOzone with Outcache testing 717068 - Kernel panics during Veritas SF testing. 717742 - [RHEL5.7][kernel-xen] HVM guests hang during installation on AMD systems 720552 - CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify() 720861 - CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize
- Package List:
Red Hat Enterprise Linux Desktop (v. 5 client):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-274.el5.src.rpm
i386: kernel-2.6.18-274.el5.i686.rpm kernel-PAE-2.6.18-274.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-274.el5.i686.rpm kernel-PAE-devel-2.6.18-274.el5.i686.rpm kernel-debug-2.6.18-274.el5.i686.rpm kernel-debug-debuginfo-2.6.18-274.el5.i686.rpm kernel-debug-devel-2.6.18-274.el5.i686.rpm kernel-debuginfo-2.6.18-274.el5.i686.rpm kernel-debuginfo-common-2.6.18-274.el5.i686.rpm kernel-devel-2.6.18-274.el5.i686.rpm kernel-headers-2.6.18-274.el5.i386.rpm kernel-xen-2.6.18-274.el5.i686.rpm kernel-xen-debuginfo-2.6.18-274.el5.i686.rpm kernel-xen-devel-2.6.18-274.el5.i686.rpm
noarch: kernel-doc-2.6.18-274.el5.noarch.rpm
x86_64: kernel-2.6.18-274.el5.x86_64.rpm kernel-debug-2.6.18-274.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-274.el5.x86_64.rpm kernel-debug-devel-2.6.18-274.el5.x86_64.rpm kernel-debuginfo-2.6.18-274.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-274.el5.x86_64.rpm kernel-devel-2.6.18-274.el5.x86_64.rpm kernel-headers-2.6.18-274.el5.x86_64.rpm kernel-xen-2.6.18-274.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-274.el5.x86_64.rpm kernel-xen-devel-2.6.18-274.el5.x86_64.rpm
Red Hat Enterprise Linux (v. 5 server):
Source: ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-274.el5.src.rpm
i386: kernel-2.6.18-274.el5.i686.rpm kernel-PAE-2.6.18-274.el5.i686.rpm kernel-PAE-debuginfo-2.6.18-274.el5.i686.rpm kernel-PAE-devel-2.6.18-274.el5.i686.rpm kernel-debug-2.6.18-274.el5.i686.rpm kernel-debug-debuginfo-2.6.18-274.el5.i686.rpm kernel-debug-devel-2.6.18-274.el5.i686.rpm kernel-debuginfo-2.6.18-274.el5.i686.rpm kernel-debuginfo-common-2.6.18-274.el5.i686.rpm kernel-devel-2.6.18-274.el5.i686.rpm kernel-headers-2.6.18-274.el5.i386.rpm kernel-xen-2.6.18-274.el5.i686.rpm kernel-xen-debuginfo-2.6.18-274.el5.i686.rpm kernel-xen-devel-2.6.18-274.el5.i686.rpm
ia64: kernel-2.6.18-274.el5.ia64.rpm kernel-debug-2.6.18-274.el5.ia64.rpm kernel-debug-debuginfo-2.6.18-274.el5.ia64.rpm kernel-debug-devel-2.6.18-274.el5.ia64.rpm kernel-debuginfo-2.6.18-274.el5.ia64.rpm kernel-debuginfo-common-2.6.18-274.el5.ia64.rpm kernel-devel-2.6.18-274.el5.ia64.rpm kernel-headers-2.6.18-274.el5.ia64.rpm kernel-xen-2.6.18-274.el5.ia64.rpm kernel-xen-debuginfo-2.6.18-274.el5.ia64.rpm kernel-xen-devel-2.6.18-274.el5.ia64.rpm
noarch: kernel-doc-2.6.18-274.el5.noarch.rpm
ppc: kernel-2.6.18-274.el5.ppc64.rpm kernel-debug-2.6.18-274.el5.ppc64.rpm kernel-debug-debuginfo-2.6.18-274.el5.ppc64.rpm kernel-debug-devel-2.6.18-274.el5.ppc64.rpm kernel-debuginfo-2.6.18-274.el5.ppc64.rpm kernel-debuginfo-common-2.6.18-274.el5.ppc64.rpm kernel-devel-2.6.18-274.el5.ppc64.rpm kernel-headers-2.6.18-274.el5.ppc.rpm kernel-headers-2.6.18-274.el5.ppc64.rpm kernel-kdump-2.6.18-274.el5.ppc64.rpm kernel-kdump-debuginfo-2.6.18-274.el5.ppc64.rpm kernel-kdump-devel-2.6.18-274.el5.ppc64.rpm
s390x: kernel-2.6.18-274.el5.s390x.rpm kernel-debug-2.6.18-274.el5.s390x.rpm kernel-debug-debuginfo-2.6.18-274.el5.s390x.rpm kernel-debug-devel-2.6.18-274.el5.s390x.rpm kernel-debuginfo-2.6.18-274.el5.s390x.rpm kernel-debuginfo-common-2.6.18-274.el5.s390x.rpm kernel-devel-2.6.18-274.el5.s390x.rpm kernel-headers-2.6.18-274.el5.s390x.rpm kernel-kdump-2.6.18-274.el5.s390x.rpm kernel-kdump-debuginfo-2.6.18-274.el5.s390x.rpm kernel-kdump-devel-2.6.18-274.el5.s390x.rpm
x86_64: kernel-2.6.18-274.el5.x86_64.rpm kernel-debug-2.6.18-274.el5.x86_64.rpm kernel-debug-debuginfo-2.6.18-274.el5.x86_64.rpm kernel-debug-devel-2.6.18-274.el5.x86_64.rpm kernel-debuginfo-2.6.18-274.el5.x86_64.rpm kernel-debuginfo-common-2.6.18-274.el5.x86_64.rpm kernel-devel-2.6.18-274.el5.x86_64.rpm kernel-headers-2.6.18-274.el5.x86_64.rpm kernel-xen-2.6.18-274.el5.x86_64.rpm kernel-xen-debuginfo-2.6.18-274.el5.x86_64.rpm kernel-xen-devel-2.6.18-274.el5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2011-1780.html https://www.redhat.com/security/data/cve/CVE-2011-2525.html https://www.redhat.com/security/data/cve/CVE-2011-2689.html https://access.redhat.com/security/updates/classification/#important https://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1065
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2012-0001 Synopsis: VMware ESXi and ESX updates to third party library and ESX Service Console Issue date: 2012-01-30 Updated on: 2012-01-30 (initial advisory)
CVE numbers: --- COS Kernel --- CVE-2011-0726, CVE-2011-1078, CVE-2011-1079, CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166, CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494, CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649, CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182, CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745, CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022, CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525, CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495, CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 --- COS cURL --- CVE-2011-2192 --- COS rpm --- CVE-2010-2059, CVE-2011-3378 --- COS samba --- CVE-2010-0547, CVE-2010-0787, CVE-2011-1678, CVE-2011-2522, CVE-2011-2694 --- COS python --- CVE-2009-3720, CVE-2010-3493, CVE-2011-1015, CVE-2011-1521 --- python library --- CVE-2009-3560, CVE-2009-3720, CVE-2010-1634, CVE-2010-2089, CVE-2011-1521
- Summary
VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues.
- Relevant releases
ESXi 4.1 without patch ESXi410-201201401-SG
ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG, ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG, ESX410-201201407-SG
- Problem Description
a. ESX third party update for Service Console kernel
The ESX Service Console Operating System (COS) kernel is updated to
kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the
COS kernel.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,
CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166,
CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494,
CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,
CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182,
CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745,
CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,
CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525,
CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495,
CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201201401-SG
ESX 4.0 ESX patch pending
ESX 3.5 ESX not applicable
- hosted products are VMware Workstation, Player, ACE, Fusion.
b. ESX third party update for Service Console cURL RPM
The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9
resolving a security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2011-2192 to this issue.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201201402-SG
ESX 4.0 ESX patch pending
ESX 3.5 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Fusion.
c. ESX third party update for Service Console nspr and nss RPMs
The ESX Service Console (COS) nspr and nss RPMs are updated to
nspr-4.8.8-1.el5_7 and nss-3.12.10-4.el5_7 respectively resolving
a security issues.
A Certificate Authority (CA) issued fraudulent SSL certificates and
Netscape Portable Runtime (NSPR) and Network Security Services (NSS)
contain the built-in tokens of this fraudulent Certificate
Authority. This update renders all SSL certificates signed by the
fraudulent CA as untrusted for all uses.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201201404-SG
ESX 4.0 ESX patch pending
ESX 3.5 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Fusion.
d. ESX third party update for Service Console rpm RPMs
The ESX Service Console Operating System (COS) rpm packages are
updated to popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2,
rpm-libs-4.4.2.3-22.el5_7.2 and rpm-python-4.4.2.3-22.el5_7.2
which fixes multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2010-2059 and CVE-2011-3378 to these issues.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201201406-SG
ESX 4.0 ESX patch pending
ESX 3.5 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Fusion.
e. ESX third party update for Service Console samba RPMs
The ESX Service Console Operating System (COS) samba packages are
updated to samba-client-3.0.33-3.29.el5_7.4,
samba-common-3.0.33-3.29.el5_7.4 and
libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security
issues in the Samba client.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,
CVE-2011-2522 and CVE-2011-2694 to these issues.
Note that ESX does not include the Samba Web Administration Tool
(SWAT) and therefore ESX COS is not affected by CVE-2011-2522 and
CVE-2011-2694.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201201407-SG
ESX 4.0 ESX patch pending
ESX 3.5 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Fusion.
f. ESX third party update for Service Console python package
The ESX Service Console (COS) python package is updated to
2.4.3-44 which fixes multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2009-3720, CVE-2010-3493, CVE-2011-1015 and
CVE-2011-1521 to these issues.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.1 ESX ESX410-201201405-SG
ESX 4.0 ESX patch pending
ESX 3.5 ESX not applicable
* hosted products are VMware Workstation, Player, ACE, Fusion.
g. ESXi update to third party component python
The python third party library is updated to python 2.5.6 which
fixes multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the names CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,
CVE-2010-2089, and CVE-2011-1521 to these issues.
Column 4 of the following table lists the action required to
remediate the vulnerability in each release, if a solution is
available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
vCenter any Windows not affected
hosted * any any not affected
ESXi 5.0 ESXi patch pending
ESXi 4.1 ESXi ESXi410-201201401-SG
ESXi 4.0 ESXi patch pending
ESXi 3.5 ESXi patch pending
ESX 4.1 ESX not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
* hosted products are VMware Workstation, Player, ACE, Fusion.
- Solution
Please review the patch/release notes for your product and version and verify the checksum of your downloaded file.
VMware ESXi 4.1
ESXi410-201201401
http://downloads.vmware.com/go/selfsupport-download
md5sum: BDF86F10A973346E26C9C2CD4C424E88
sha1sum: CC0B92869A9AAE4F5E0E5B81BEE109BCD7DA780F
http://kb.vmware.com/kb/2009143
ESXi410-201201401 contains ESXi410-201201401-SG
VMware ESX 4.1
ESX410-201201001
http://downloads.vmware.com/go/selfsupport-download
md5sum: 16DF9ACD3E74BCABC2494BC23AD0927F
sha1sum: 1066AE1436E1A75BA3D541AB65296CFB9AB7A5CC
http://kb.vmware.com/kb/2009142
ESX410-201201001 contains ESX410-201201401-SG, ESX410-201201402-SG, ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG and ESX410-201201407-SG
- References
CVE numbers
--- COS Kernel --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1078 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1763 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1780 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901 --- COS cURL --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192 --- COS rpm --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378 --- COS samba --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694 --- COS python --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521 --- python library --- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521
- Change log
2012-01-30 VMSA-2012-0001 Initial security advisory in conjunction with the release of patches for ESX 4.1 and ESXi 4.1 on 2012-01-30.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Advisories http://www.vmware.com/security/advisories
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2012 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8
wj8DBQFPJ5DIDEcm8Vbi9kMRAnzCAKCmaAoDp49d61Mr1emzh/U0N8vbgACdFZk8 f2pLxi537s+ew4dvnYNWlJ8= =OAh4 -----END PGP SIGNATURE----- . On systems without support for hardware assisted paging (HAP), such as those running CPUs that do not have support for (or those that have it disabled) Intel Extended Page Tables (EPT) or AMD Virtualization (AMD-V) Rapid Virtualization Indexing (RVI), this bug could cause fully-virtualized guests to crash or lead to silent memory corruption. (BZ#712884)
-
A bug in the way the ibmvscsi driver handled interrupts may have prevented automatic path recovery for multipath devices. This bug only affected 64-bit PowerPC systems. (BZ#720929)
-
The RHSA-2009:1243 update introduced a regression in the way file locking on NFS (Network File System) was handled. This caused applications to hang if they made a lock request on a file on an NFS version 2 or 3 file system that was mounted with the "sec=krb5" option. With this update, the original behavior of using mixed RPC authentication flavors for NFS and locking requests has been restored. (BZ#722854)
Users should upgrade to these updated packages, which contain backported patches to resolve these issues
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201401-0009", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "xen", "scope": "eq", "trust": 2.7, "vendor": "xen", "version": "3.0.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "project openvz 028stab089.1", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "linux enterprise desktop sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.3" }, { "model": "voice portal sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "project openvz 028stab085.2", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "project openvz 028stab091.1", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "hat enterprise linux desktop client", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "linux enterprise sdk sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1.1" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system platform sp3", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system platform sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "project openvz 028stab081.1", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.2" }, { "model": "hat enterprise linux server", "scope": "eq", "trust": 0.3, "vendor": "red", "version": "5" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "linux enterprise server sp4", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura application enablement services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2.1" }, { "model": "aura communication manager utility services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "xen", "scope": "eq", "trust": 0.3, "vendor": "xensource", "version": "0" }, { "model": "voice portal sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "aura application server sip core", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "53002.0" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "1.1" }, { "model": "project openvz 2.6.32-feoktistov.1", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "voice portal", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.1" }, { "model": "project openvz", "scope": "eq", "trust": 0.3, "vendor": "openvz", "version": "2.6.32" }, { "model": "project openvz 023stab053.2", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "linux enterprise server sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "aura presence services", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "project openvz 023stab054.1", "scope": null, "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "aura messaging", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "enterprise linux", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "5.0" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.2" }, { "model": "linux enterprise sdk sp3", "scope": "eq", "trust": 0.3, "vendor": "suse", "version": "10" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "project openvz 028stab092.2", "scope": "ne", "trust": 0.3, "vendor": "openvz", "version": null }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura system manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "aura system platform", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0.2" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "communication server 1000e signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "ip office application server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "iq", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.1" }, { "model": "aura system manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.1" }, { "model": "aura conferencing standard", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura communication manager utility services", "scope": "ne", "trust": 0.3, "vendor": "avaya", "version": "6.2" }, { "model": "aura system manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1" }, { "model": "communication server 1000m signaling server", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "aura session manager sp1", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.0" }, { "model": "aura communication manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "aura session manager", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "6.1.3" }, { "model": "aura session manager sp2", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "5.2" }, { "model": "communication server 1000e", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.5" }, { "model": "communication server 1000m", "scope": "eq", "trust": 0.3, "vendor": "avaya", "version": "7.0" }, { "model": "jp1/it service level management manager", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "-09-50" }, { "model": "jp1/it resource management-manager", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-50" }, { "model": "jp1/it resource management-manager", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-11-02" }, { "model": "jp1/it resource management-manager", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-11" }, { "model": "jp1/it resource management-manager", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-10-03" }, { "model": "jp1/it resource management-manager", "scope": "eq", "trust": 0.3, "vendor": "hitachi", "version": "09-10" }, { "model": "jp1/it service level management-manager", "scope": "ne", "trust": 0.3, "vendor": "hitachi", "version": "09-51" }, { "model": "jp1/it resource management-manager", "scope": "ne", "trust": 0.3, "vendor": "hitachi", "version": "09-50-02" }, { "model": "jp1/it resource management-manager", "scope": "ne", "trust": 0.3, "vendor": "hitachi", "version": "09-11-05" } ], "sources": [ { "db": "BID", "id": "48610" }, { "db": "BID", "id": "78576" }, { "db": "BID", "id": "51749" }, { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "CNNVD", "id": "CNNVD-201107-366" }, { "db": "NVD", "id": "CVE-2011-1780" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:xen:xen:3.0.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2011-1780" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Hitachi", "sources": [ { "db": "BID", "id": "51749" }, { "db": "CNNVD", "id": "CNNVD-201201-419" } ], "trust": 0.9 }, "cve": "CVE-2011-1780", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 6.1, "confidentialityImpact": "NONE", "exploitabilityScore": 6.5, "impactScore": 6.9, "integrityImpact": "NONE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Adjacent Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 6.1, "confidentialityImpact": "None", "exploitabilityScore": null, "id": "CVE-2011-1780", "impactScore": null, "integrityImpact": "None", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "Medium", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2011-1780", "trust": 1.8, "value": "MEDIUM" }, { "author": "CNNVD", "id": "CNNVD-201107-366", "trust": 0.6, "value": "MEDIUM" } ] } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "CNNVD", "id": "CNNVD-201107-366" }, { "db": "NVD", "id": "CVE-2011-1780" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "The instruction emulation in Xen 3.0.3 allows local SMP guest users to cause a denial of service (host crash) by replacing the instruction that causes the VM to exit in one thread with a different instruction in a different thread. Xen is prone to multiple denial-of-service vulnerabilities. \nAttackers can exploit these issues to cause the guest and host operating systems to crash, denying service to legitimate users. Hitachi JP1 products are prone to a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. \nAn attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks. \nThe following products are affected:\nJP1/IT Resource Management - Manager\nJP1/IT Service Level Management - Manager. ----------------------------------------------------------------------\n\nSecunia is hiring!\n\nFind your next job here:\n\nhttp://secunia.com/company/jobs/\n\n----------------------------------------------------------------------\n\nTITLE:\nHitachi JP1/IT Service Level Management Unspecified Cross-Site\nScripting Vulnerability\n\nSECUNIA ADVISORY ID:\nSA47804\n\nVERIFY ADVISORY:\nSecunia.com\nhttp://secunia.com/advisories/47804/\nCustomer Area (Credentials Required)\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47804\n\nRELEASE DATE:\n2012-01-31\n\nDISCUSS ADVISORY:\nhttp://secunia.com/advisories/47804/#comments\n\nAVAILABLE ON SITE AND IN CUSTOMER AREA:\n * Last Update\n * Popularity\n * Comments\n * Criticality Level\n * Impact\n * Where\n * Solution Status\n * Operating System / Software\n * CVE Reference(s)\n\nhttp://secunia.com/advisories/47804/\n\nONLY AVAILABLE IN CUSTOMER AREA:\n * Authentication Level\n * Report Reliability\n * Secunia PoC\n * Secunia Analysis\n * Systems Affected\n * Approve Distribution\n * Remediation Status\n * Secunia CVSS Score\n * CVSS\n\nhttps://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47804\n\nONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI:\n * AUTOMATED SCANNING\n\nhttp://secunia.com/vulnerability_scanning/personal/\nhttp://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/\n\nDESCRIPTION:\nA vulnerability has been reported in Hitachi JP1/IT Service Level\nManagement, which can be exploited by malicious people to conduct\ncross-site scripting attacks. \n\nCertain unspecified input is not properly sanitised before being\nreturned to the user. \n\nThe vulnerability is reported in version 09-50. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported by the vendor. \n\nORIGINAL ADVISORY:\nHitachi (English):\nhttp://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS12-005/index.html\n\nHitachi (Japanese):\nhttp://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS12-005/index.html\n\nOTHER REFERENCES:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nDEEP LINKS:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED DESCRIPTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXTENDED SOLUTION:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\nEXPLOIT:\nFurther details available in Customer Area:\nhttp://secunia.com/vulnerability_intelligence/\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Summary:\n\nUpdated kernel packages that fix multiple security issues, address several\nhundred bugs, and add numerous enhancements are now available as part of\nthe ongoing support and maintenance of Red Hat Enterprise Linux version 5. \nThis is the seventh regular update. \n\nThe Red Hat Security Response Team has rated this update as having\nimportant security impact. Common Vulnerability Scoring System (CVSS) base\nscores, which give detailed severity ratings, are available for each\nvulnerability from the CVE links in the References section. Relevant releases/architectures:\n\nRed Hat Enterprise Linux (v. 5 server) - i386, ia64, noarch, ppc, s390x, x86_64\nRed Hat Enterprise Linux Desktop (v. 5 client) - i386, noarch, x86_64\n\n3. Description:\n\nThe kernel packages contain the Linux kernel, the core of any Linux\noperating system. \n\nThis update fixes the following security issues:\n\n* A flaw was found in the way the Xen hypervisor implementation handled\ninstruction emulation during virtual machine exits. \nAn unprivileged guest user could trigger this flaw to crash the host. This\nonly affects systems with both an AMD x86 processor and the AMD\nVirtualization (AMD-V) extensions enabled. (CVE-2011-1780, Important)\n\n* A flaw allowed the tc_fill_qdisc() function in the Linux kernel\u0027s packet\nscheduler API implementation to be called on built-in qdisc structures. A\nlocal, unprivileged user could use this flaw to trigger a NULL pointer\ndereference, resulting in a denial of service. (CVE-2011-2525, Moderate)\n\n* A flaw was found in the way space was allocated in the Linux kernel\u0027s\nGlobal File System 2 (GFS2) implementation. If the file system was almost\nfull, and a local, unprivileged user made an fallocate() request, it could\nresult in a denial of service. Note: Setting quotas to prevent users from\nusing all available disk space would prevent exploitation of this flaw. \n(CVE-2011-2689, Moderate)\n\nThese updated kernel packages include a number of bug fixes and\nenhancements. Space precludes documenting all of these changes in this\nadvisory. Refer to the Red Hat Enterprise Linux 5.7 Technical Notes for\ninformation about the most significant bug fixes and enhancements included\nin this update:\n\nhttps://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Tech\nnical_Notes/kernel.html#RHSA-2011-1065\n\nAll Red Hat Enterprise Linux 5 users are advised to install these updated\npackages, which correct these issues. The system must be rebooted for this\nupdate to take effect. Solution:\n\nBefore applying this update, make sure all previously-released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/kb/docs/DOC-11259\n\nTo install kernel packages manually, use \"rpm -ivh [package]\". Do not\nuse \"rpm -Uvh\" as that will remove the running kernel binaries from\nyour system. You may use \"rpm -e\" to remove old kernels after\ndetermining that the new kernel functions properly on your system. Bugs fixed (http://bugzilla.redhat.com/):\n\n390451 - Pick up paging performance improvements from upstream Xen\n431738 - lsattr doesn\u0027t show attributes of ext3 quota files\n441730 - [rhts] connectathon nfsidem test failing\n452650 - [RHEL5.2]: Blktap is limited to 100 disks total\n460821 - pv-on-hvm: disk shows up twice. \n465876 - NMI Watchdog detected LOCKUP in :sctp:sctp_copy_local_addr_list\n477032 - kdump hang on HP xw9400\n481546 - HTB qdisc miscalculates bandwidth with TSO enabled\n481629 - update myri10g driver from 1.3.2 to 1.5.2\n491740 - export of an NFSV3 file system via kerberos requires AUTH_SYS as well\n491786 - s2io should check inputs for rx_ring_sz\n494927 - Read-only filesystem after \u0027ext3_free_blocks_sb: bit already cleared for block\u0027 errors\n501314 - No beep when running xen kernel\n511901 - [NFS]: silly renamed .nfs0000* files can be left on fs forever\n517629 - Sequence id issue with nfs4/kerberos between RHEL kernel and Fedora 11\n525898 - soft lockups with kswapd in RHEL 5.4 kernel 2.6.18-164.el5 x86_64\n537277 - KERNEL: QLA2XXX 0000:0E:00.0: RISC PAUSED -- HCCR=0, DUMPING FIRMWARE!\n553411 - xts crypto module missing from RHEL5 installer runtime\n553803 - GFS2: recovery stuck on transaction lock\n567449 - RHEL5.6: iw_cxgb4 driver inclusion\n567540 - unregister_netdevice: waiting for veth5 to become free when I remove netloop\n579000 - [RFE] Support L2 packets under bonding layer\n579858 - Wrong RX bytes/packet count on vlan interface with igb driver\n589512 - slab corruption after seeing some nfs-related BUG: warning\n603345 - i5k_amb does not work for Intel 5000 Chipset (kernel)\n607114 - System panic in pskb_expand_head When arp_validate option is specified in bonding ARP monitor mode\n611407 - kvm guest unable to kdump without noapic\n621916 - Host panic on cross-vendor migration (RHEL 5.5 guest)\n622542 - Xorg failures on machines using intel video card driver\n622647 - Reading /proc/locks yelds corrupt data\n623979 - synch arch/i386/pci/irq-xen.c\n626585 - GFS2: [RFE] fallocate support for GFS2\n626974 - nfs: too many GETATTR and ACCESS calls after direct i/o\n626977 - [nfs] make close(2) asynchronous when closing nfs o_direct files\n627496 - Fix shrinking windows with window scaling\n631950 - remove FS-Cache code from NFS\n632399 - Misleading message from fs/nfs/file.c:do_vfs_lock()\n633196 - testing NMI watchdog ... \u003c4\u003eWARNING: CPU#0: NMI appears to be stuck (62-\u003e62)!\n635992 - Areca driver, arcmsr, update\n637970 - GFS2: Not enough space reserved in gfs2_write_begin and possibly elsewhere. \n642388 - ip_nat_ftp not working if ack for \"227 Enter Passive mode\" packet is lost\n643292 - [netfront] ethtool -i should return proper information for netfront device\n643872 - [netback] ethtool -i should return proper information for netback device\n645343 - ISCSI/multipath hang - must propagate SCSI device deletion to DM mpath\n645528 - SIGPROF keeps a large task from ever completing a fork()\n645646 - RFE: Virtio nic should be support \"ethtool -i virtio nic\"\n646513 - HP_GETHOSTINFO ioctl always causes mpt controller reset\n648572 - virtio GSO makes IPv6 very slow\n648657 - fseek()/NFS performance regression between RHEL4 and RHEL5\n648854 - linux-2.6.18: netback: take net_schedule_list_lock when removing entry from net_schedule_list\n651333 - RHEL5.6: EHCI: AMD periodic frame list table quirk\n651409 - BAD SEQID error messages returned by the NFS server\n651512 - e1000 driver tracebacks when running under VMware ESX4\n652321 - jbd2_stats_proc_init has wrong location. \n652369 - temporary loss of path to SAN results in persistent EIO with msync\n653286 - [5.6][REG]for some uses of \u0027nfsservctl\u0027 system call, the kernel crashes. \n653828 - bonding failover in every monitor interval with virtio-net driver\n654293 - sunrpc: need a better way to set tcp_slot_table_entries in RHEL 5\n656836 - Memory leak in virtio-console driver if driver probe routine fails\n657166 - XFS causes kernel panic due to double free of log tickets\n658012 - NMI panic during xfs forced shutdown\n658418 - Kernel warning at boot: i7core_edac: probe of 0000:80:14.0 failed with error -22\n659594 - Kernel panic when restart network on vlan with bonding\n659715 - cifs: ia64 kernel unaligned access\n659816 - Performance counters don\u0027t work on HP Magnycours machines\n660368 - dm-crypt: backport changes to support xts crypto mode\n660661 - fsck.gfs2 reported statfs error after gfs2_grow\n660728 - [LSI 5.7 feat] Update megaraid_sas to 5.34 and Include \"Thunderbolt\" support\n660871 - mpctl module doesn\u0027t release fasync_struct at file close\n661300 - xfstest 222: filesystem on /dev/loop0 is inconsistent\n661306 - [Cisco 5.7 FEAT] Update enic driver to version 2.1.1.9\n661904 - GFS2: Kernel changes necessary to allow growing completely full filesystems. \n663041 - gfs2 FIEMAP oops\n663123 - /proc/partitions not updating after creating LUNs via hpacucli\n663563 - [ext4/xfstests] 011 caused filesystem corruption after running many times in a loop\n664592 - a test unit ready causes a panic on 5.6 (CCISS driver)\n664931 - COW corruption using popen(3). \n665197 - WARNING: APIC timer calibration may be wrong\n665972 - ISVM bit (ECX:31) for CPUID 0x00000001 is missing for HVM on AMD\n666080 - GFS2: Blocks not marked free on delete\n666304 - scsi_dh_emc gives \"error attaching hardware handler\" for EMC active-active SANs\n666866 - Heavy load on ath5k wireless device makes system unresponsive\n667327 - lib: fix vscnprintf() if @size is == 0\n667660 - [NetApp 5.7 Bug] Include new NetApp PID entry to the alua_dev_list array in the ALUA hardware handler\n667810 - \"modprobe ip_conntrack hashsize=NNNN\" panics kernel if /etc/modprobe.conf has hashsize=MMMM\n668934 - UDP transmit under VLAN causes guest freeze\n669603 - incomplete local port reservation\n669961 - [NetApp 5.6 Bug] Erroneous TPG ID check in SCSI ALUA Handler\n670367 - scsi_dh_emc get_req function should set REQ_FAILFAST flags same as upstream and other modules\n670373 - panic in kfree() due to race condition in acpi_bus_receive_event()\n671238 - [bonding] crash when adding/removing slaves with master interface down\n671595 - Flapping errors (and panic) with bonding and arp_interval while using be2net included in 2.6.18-238\n672619 - transmission stops when tap does not consume\n672724 - mmapping a read only file on a gfs2 filesystem incorrectly acquires an exclusive glock\n672981 - lseek() over NFS is returning an incorrect file length under some circumstances\n673058 - kernel panic in pg_init_done - pgpath already deleted\n673242 - Time runs too fast in a VM on processors with \u003e 4GHZ freq\n673459 - virtio_console driver never returns from selecting for write when the queue is full\n673616 - vdso gettimeofday causes a segmentation fault\n674175 - Impossible to load sctp module with ipv6 disable=1\n674226 - Panic in selinux_bprm_post_apply_creds() due to an empty tty_files list\n674298 - [NetApp 5.6 Bug] QLogic 8G FC firmware dumps seen during IO\n674514 - xenctx shows nonsensical values for 32-on-64 and HVM domains\n675727 - vdso: missing wall_to_monotomic export\n675986 - Fix block based fiemap\n677703 - [RHEL5.5] Panic in iscsi_sw_tcp_data_ready()\n677893 - [TestOnly] gfs regression testing for 5.7 beta\n677902 - Incorrect \"Speed\" is recorded in the file \"/proc/net/bonding/bondX\"\n678073 - qeth: allow channel path changes in recovery\n678074 - [usb-audio] unable to set capture mixer levels\n678359 - online disk resizing may cause data corruption\n678571 - hap_gva_to_gfn_* do not preserve domain context\n678618 - gdbsx hypervisor part backport\n679120 - qeth: remove needless IPA-commands in offline\n679407 - [5.7] niu: Fix races between up/down and get_stats. \n679487 - [5.7] net: Fix netdev_run_todo serialization\n680329 - sunrpc: reconnect race can lead to socket read corruption\n681303 - backport vzalloc and vzalloc_node in support of drivers needing these functions\n681586 - Out of vmalloc space\n683155 - gfs2: creating large files suddenly slow to a crawl\n683978 - need to backport common vpd infrastructure to rhel 5\n684795 - missed unlock_page() in gfs2_write_begin()\n688646 - intel_iommu domain id exhaustion\n688989 - [5.6] sysctl tcp_syn_retries is not honored\n689860 - guest with passthrough nic got kernel panic when send system_reset signal in QEMU monitor\n689943 - GFS2 causes kernel panic in spectator mode\n690555 - GFS2: resource group bitmap corruption resulting in panics and withdraws\n692946 - need to backport debugfs_remove_recursive functionality\n695357 - dasd: fix race between open and offline\n696411 - Missing patch for full use of tcp_rto_min parameter\n698432 - [Emulex 5.7] Update lpfc driver to version 8.2.0.96.1p\n698879 - The pci resource for vf is not released after hot-removing Intel 82576 NIC\n700546 - RHEL5: apparent file system corruption of snapshot fs with qla2xxx driver\n702355 - NFS: Fix build break with CONFIG_NFS_V4=n\n702652 - provide option to disable HPET\n702657 - CVE-2011-1780 kernel: xen: svm: insufficiencies in handling emulated instructions during vm exits\n703213 - GFS2: Add \"dlm callback owed\" glock flag\n703416 - host kernel panic while guest running on 10G public bridge. \n704497 - VT-d: Fix resource leaks on error paths in intremap code\n705324 - cifs: regression in unicode conversion routines when mounting with -o mapchars\n705455 - intel-iommu: missing flush prior to removing domains + avoid broken vm/si domain unlinking\n705725 - hvm guest time may go backwards on some hosts\n706414 - Adding slave to balance-tlb bond device results in soft lockup\n709224 - setfacl does not update ctime when changing file permission on ext3/4\n711450 - 12% degradation running IOzone with Outcache testing\n717068 - Kernel panics during Veritas SF testing. \n717742 - [RHEL5.7][kernel-xen] HVM guests hang during installation on AMD systems\n720552 - CVE-2011-2525 kernel: kernel: net_sched: fix qdisc_notify()\n720861 - CVE-2011-2689 kernel: gfs2: make sure fallocate bytes is a multiple of blksize\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 5 client):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/kernel-2.6.18-274.el5.src.rpm\n\ni386:\nkernel-2.6.18-274.el5.i686.rpm\nkernel-PAE-2.6.18-274.el5.i686.rpm\nkernel-PAE-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-PAE-devel-2.6.18-274.el5.i686.rpm\nkernel-debug-2.6.18-274.el5.i686.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-debug-devel-2.6.18-274.el5.i686.rpm\nkernel-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-debuginfo-common-2.6.18-274.el5.i686.rpm\nkernel-devel-2.6.18-274.el5.i686.rpm\nkernel-headers-2.6.18-274.el5.i386.rpm\nkernel-xen-2.6.18-274.el5.i686.rpm\nkernel-xen-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-xen-devel-2.6.18-274.el5.i686.rpm\n\nnoarch:\nkernel-doc-2.6.18-274.el5.noarch.rpm\n\nx86_64:\nkernel-2.6.18-274.el5.x86_64.rpm\nkernel-debug-2.6.18-274.el5.x86_64.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.x86_64.rpm\nkernel-debug-devel-2.6.18-274.el5.x86_64.rpm\nkernel-debuginfo-2.6.18-274.el5.x86_64.rpm\nkernel-debuginfo-common-2.6.18-274.el5.x86_64.rpm\nkernel-devel-2.6.18-274.el5.x86_64.rpm\nkernel-headers-2.6.18-274.el5.x86_64.rpm\nkernel-xen-2.6.18-274.el5.x86_64.rpm\nkernel-xen-debuginfo-2.6.18-274.el5.x86_64.rpm\nkernel-xen-devel-2.6.18-274.el5.x86_64.rpm\n\nRed Hat Enterprise Linux (v. 5 server):\n\nSource:\nftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/kernel-2.6.18-274.el5.src.rpm\n\ni386:\nkernel-2.6.18-274.el5.i686.rpm\nkernel-PAE-2.6.18-274.el5.i686.rpm\nkernel-PAE-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-PAE-devel-2.6.18-274.el5.i686.rpm\nkernel-debug-2.6.18-274.el5.i686.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-debug-devel-2.6.18-274.el5.i686.rpm\nkernel-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-debuginfo-common-2.6.18-274.el5.i686.rpm\nkernel-devel-2.6.18-274.el5.i686.rpm\nkernel-headers-2.6.18-274.el5.i386.rpm\nkernel-xen-2.6.18-274.el5.i686.rpm\nkernel-xen-debuginfo-2.6.18-274.el5.i686.rpm\nkernel-xen-devel-2.6.18-274.el5.i686.rpm\n\nia64:\nkernel-2.6.18-274.el5.ia64.rpm\nkernel-debug-2.6.18-274.el5.ia64.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.ia64.rpm\nkernel-debug-devel-2.6.18-274.el5.ia64.rpm\nkernel-debuginfo-2.6.18-274.el5.ia64.rpm\nkernel-debuginfo-common-2.6.18-274.el5.ia64.rpm\nkernel-devel-2.6.18-274.el5.ia64.rpm\nkernel-headers-2.6.18-274.el5.ia64.rpm\nkernel-xen-2.6.18-274.el5.ia64.rpm\nkernel-xen-debuginfo-2.6.18-274.el5.ia64.rpm\nkernel-xen-devel-2.6.18-274.el5.ia64.rpm\n\nnoarch:\nkernel-doc-2.6.18-274.el5.noarch.rpm\n\nppc:\nkernel-2.6.18-274.el5.ppc64.rpm\nkernel-debug-2.6.18-274.el5.ppc64.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.ppc64.rpm\nkernel-debug-devel-2.6.18-274.el5.ppc64.rpm\nkernel-debuginfo-2.6.18-274.el5.ppc64.rpm\nkernel-debuginfo-common-2.6.18-274.el5.ppc64.rpm\nkernel-devel-2.6.18-274.el5.ppc64.rpm\nkernel-headers-2.6.18-274.el5.ppc.rpm\nkernel-headers-2.6.18-274.el5.ppc64.rpm\nkernel-kdump-2.6.18-274.el5.ppc64.rpm\nkernel-kdump-debuginfo-2.6.18-274.el5.ppc64.rpm\nkernel-kdump-devel-2.6.18-274.el5.ppc64.rpm\n\ns390x:\nkernel-2.6.18-274.el5.s390x.rpm\nkernel-debug-2.6.18-274.el5.s390x.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.s390x.rpm\nkernel-debug-devel-2.6.18-274.el5.s390x.rpm\nkernel-debuginfo-2.6.18-274.el5.s390x.rpm\nkernel-debuginfo-common-2.6.18-274.el5.s390x.rpm\nkernel-devel-2.6.18-274.el5.s390x.rpm\nkernel-headers-2.6.18-274.el5.s390x.rpm\nkernel-kdump-2.6.18-274.el5.s390x.rpm\nkernel-kdump-debuginfo-2.6.18-274.el5.s390x.rpm\nkernel-kdump-devel-2.6.18-274.el5.s390x.rpm\n\nx86_64:\nkernel-2.6.18-274.el5.x86_64.rpm\nkernel-debug-2.6.18-274.el5.x86_64.rpm\nkernel-debug-debuginfo-2.6.18-274.el5.x86_64.rpm\nkernel-debug-devel-2.6.18-274.el5.x86_64.rpm\nkernel-debuginfo-2.6.18-274.el5.x86_64.rpm\nkernel-debuginfo-common-2.6.18-274.el5.x86_64.rpm\nkernel-devel-2.6.18-274.el5.x86_64.rpm\nkernel-headers-2.6.18-274.el5.x86_64.rpm\nkernel-xen-2.6.18-274.el5.x86_64.rpm\nkernel-xen-debuginfo-2.6.18-274.el5.x86_64.rpm\nkernel-xen-devel-2.6.18-274.el5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and \ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2011-1780.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2525.html\nhttps://www.redhat.com/security/data/cve/CVE-2011-2689.html\nhttps://access.redhat.com/security/updates/classification/#important\nhttps://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/5.7_Technical_Notes/kernel.html#RHSA-2011-1065\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2011 Red Hat, Inc. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n ----------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2012-0001\nSynopsis: VMware ESXi and ESX updates to third party library\n and ESX Service Console\nIssue date: 2012-01-30\nUpdated on: 2012-01-30 (initial advisory)\n\nCVE numbers: --- COS Kernel ---\n CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,\n CVE-2011-1080, CVE-2011-1093, CVE-2011-1163,\n CVE-2011-1166, CVE-2011-1170, CVE-2011-1171,\n CVE-2011-1172, CVE-2011-1494, CVE-2011-1495,\n CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,\n CVE-2011-0695, CVE-2011-0711, CVE-2011-1044,\n CVE-2011-1182, CVE-2011-1573, CVE-2011-1576,\n CVE-2011-1593, CVE-2011-1745, CVE-2011-1746,\n CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,\n CVE-2011-2213, CVE-2011-2492, CVE-2011-1780,\n CVE-2011-2525, CVE-2011-2689, CVE-2011-2482,\n CVE-2011-2491, CVE-2011-2495, CVE-2011-2517,\n CVE-2011-2519, CVE-2011-2901\n --- COS cURL ---\n CVE-2011-2192\n --- COS rpm ---\n CVE-2010-2059, CVE-2011-3378\n --- COS samba ---\n CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,\n CVE-2011-2522, CVE-2011-2694\n --- COS python ---\n CVE-2009-3720, CVE-2010-3493, CVE-2011-1015,\n CVE-2011-1521\n --- python library ---\n CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,\n CVE-2010-2089, CVE-2011-1521\n ----------------------------------------------------------------------\n\n1. Summary\n\n VMware ESXi and ESX updates to third party library and ESX Service\n Console address several security issues. \n\n2. Relevant releases\n\n ESXi 4.1 without patch ESXi410-201201401-SG\n\n ESX 4.1 without patches ESX410-201201401-SG, ESX410-201201402-SG,\n ESX410-201201404-SG, ESX410-201201405-SG,\n ESX410-201201406-SG, ESX410-201201407-SG\n\n3. Problem Description\n\n a. ESX third party update for Service Console kernel\n\n The ESX Service Console Operating System (COS) kernel is updated to\n kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the\n COS kernel. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2011-0726, CVE-2011-1078, CVE-2011-1079,\n CVE-2011-1080, CVE-2011-1093, CVE-2011-1163, CVE-2011-1166,\n CVE-2011-1170, CVE-2011-1171, CVE-2011-1172, CVE-2011-1494,\n CVE-2011-1495, CVE-2011-1577, CVE-2011-1763, CVE-2010-4649,\n CVE-2011-0695, CVE-2011-0711, CVE-2011-1044, CVE-2011-1182,\n CVE-2011-1573, CVE-2011-1576, CVE-2011-1593, CVE-2011-1745,\n CVE-2011-1746, CVE-2011-1776, CVE-2011-1936, CVE-2011-2022,\n CVE-2011-2213, CVE-2011-2492, CVE-2011-1780, CVE-2011-2525,\n CVE-2011-2689, CVE-2011-2482, CVE-2011-2491, CVE-2011-2495,\n CVE-2011-2517, CVE-2011-2519, CVE-2011-2901 to these issues. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201201401-SG\n ESX 4.0 ESX patch pending\n ESX 3.5 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n b. ESX third party update for Service Console cURL RPM\n\n The ESX Service Console (COS) curl RPM is updated to cURL-7.15.5.9\n resolving a security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the name CVE-2011-2192 to this issue. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201201402-SG\n ESX 4.0 ESX patch pending\n ESX 3.5 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n c. ESX third party update for Service Console nspr and nss RPMs\n\n The ESX Service Console (COS) nspr and nss RPMs are updated to\n nspr-4.8.8-1.el5_7 and nss-3.12.10-4.el5_7 respectively resolving\n a security issues. \n\n A Certificate Authority (CA) issued fraudulent SSL certificates and\n Netscape Portable Runtime (NSPR) and Network Security Services (NSS)\n contain the built-in tokens of this fraudulent Certificate\n Authority. This update renders all SSL certificates signed by the\n fraudulent CA as untrusted for all uses. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201201404-SG\n ESX 4.0 ESX patch pending\n ESX 3.5 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n d. ESX third party update for Service Console rpm RPMs\n\n The ESX Service Console Operating System (COS) rpm packages are\n updated to popt-1.10.2.3-22.el5_7.2, rpm-4.4.2.3-22.el5_7.2,\n rpm-libs-4.4.2.3-22.el5_7.2 and rpm-python-4.4.2.3-22.el5_7.2\n which fixes multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2010-2059 and CVE-2011-3378 to these issues. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201201406-SG\n ESX 4.0 ESX patch pending\n ESX 3.5 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n\n e. ESX third party update for Service Console samba RPMs\n\n The ESX Service Console Operating System (COS) samba packages are\n updated to samba-client-3.0.33-3.29.el5_7.4,\n samba-common-3.0.33-3.29.el5_7.4 and\n libsmbclient-3.0.33-3.29.el5_7.4 which fixes multiple security\n issues in the Samba client. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2010-0547, CVE-2010-0787, CVE-2011-1678,\n CVE-2011-2522 and CVE-2011-2694 to these issues. \n\n Note that ESX does not include the Samba Web Administration Tool\n (SWAT) and therefore ESX COS is not affected by CVE-2011-2522 and\n CVE-2011-2694. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201201407-SG\n ESX 4.0 ESX patch pending\n ESX 3.5 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n f. ESX third party update for Service Console python package\n\n The ESX Service Console (COS) python package is updated to\n 2.4.3-44 which fixes multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2009-3720, CVE-2010-3493, CVE-2011-1015 and\n CVE-2011-1521 to these issues. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.1 ESX ESX410-201201405-SG\n ESX 4.0 ESX patch pending\n ESX 3.5 ESX not applicable\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n g. ESXi update to third party component python\n\n The python third party library is updated to python 2.5.6 which\n fixes multiple security issues. \n\n The Common Vulnerabilities and Exposures project (cve.mitre.org) has\n assigned the names CVE-2009-3560, CVE-2009-3720, CVE-2010-1634,\n CVE-2010-2089, and CVE-2011-1521 to these issues. \n\n Column 4 of the following table lists the action required to\n remediate the vulnerability in each release, if a solution is\n available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n vCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi 5.0 ESXi patch pending\n ESXi 4.1 ESXi ESXi410-201201401-SG\n ESXi 4.0 ESXi patch pending\n ESXi 3.5 ESXi patch pending\n\n ESX 4.1 ESX not affected\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the checksum of your downloaded file. \n\n VMware ESXi 4.1\n ---------------\n ESXi410-201201401\n http://downloads.vmware.com/go/selfsupport-download\n md5sum: BDF86F10A973346E26C9C2CD4C424E88 \n sha1sum: CC0B92869A9AAE4F5E0E5B81BEE109BCD7DA780F\n http://kb.vmware.com/kb/2009143\n ESXi410-201201401 contains ESXi410-201201401-SG\n\n VMware ESX 4.1\n --------------\n ESX410-201201001\n http://downloads.vmware.com/go/selfsupport-download\n md5sum: 16DF9ACD3E74BCABC2494BC23AD0927F \n sha1sum: 1066AE1436E1A75BA3D541AB65296CFB9AB7A5CC\n http://kb.vmware.com/kb/2009142\n\n ESX410-201201001 contains ESX410-201201401-SG, ESX410-201201402-SG,\n ESX410-201201404-SG, ESX410-201201405-SG, ESX410-201201406-SG and\n ESX410-201201407-SG\n\n5. References\n\n CVE numbers\n\n --- COS Kernel ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0726\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1078\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1079\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1080\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1093\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1163\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1166\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1170\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1171\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1172\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1494\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1495\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1577\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1763\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4649\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0695\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0711\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1044\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1182\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1573\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1576\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1593\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1745\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1746\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1776\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1936\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2022\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2213\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2492\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1780\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2525\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2689\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2482\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2491\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2495\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2517\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2519\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2901\n --- COS cURL ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2192\n --- COS rpm ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2059\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3378\n --- COS samba ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0547\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0787\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1678\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2522\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2694\n --- COS python ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3493\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1015\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521\n --- python library ---\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1634\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2089\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1521\n\n ----------------------------------------------------------------------\n\n6. Change log\n\n 2012-01-30 VMSA-2012-0001\n Initial security advisory in conjunction with the release of patches\n for ESX 4.1 and ESXi 4.1 on 2012-01-30. \n\n ----------------------------------------------------------------------\n\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Advisories\nhttp://www.vmware.com/security/advisories\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2012 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.8.3 (Build 4028)\nCharset: utf-8\n\nwj8DBQFPJ5DIDEcm8Vbi9kMRAnzCAKCmaAoDp49d61Mr1emzh/U0N8vbgACdFZk8\nf2pLxi537s+ew4dvnYNWlJ8=\n=OAh4\n-----END PGP SIGNATURE-----\n. On systems without support for hardware\nassisted paging (HAP), such as those running CPUs that do not have support\nfor (or those that have it disabled) Intel Extended Page Tables (EPT) or\nAMD Virtualization (AMD-V) Rapid Virtualization Indexing (RVI), this bug\ncould cause fully-virtualized guests to crash or lead to silent memory\ncorruption. (BZ#712884)\n\n* A bug in the way the ibmvscsi driver handled interrupts may have\nprevented automatic path recovery for multipath devices. This bug only\naffected 64-bit PowerPC systems. (BZ#720929)\n\n* The RHSA-2009:1243 update introduced a regression in the way file locking\non NFS (Network File System) was handled. This caused applications to hang\nif they made a lock request on a file on an NFS version 2 or 3 file system\nthat was mounted with the \"sec=krb5\" option. With this update, the original\nbehavior of using mixed RPC authentication flavors for NFS and locking\nrequests has been restored. (BZ#722854)\n\nUsers should upgrade to these updated packages, which contain backported\npatches to resolve these issues", "sources": [ { "db": "NVD", "id": "CVE-2011-1780" }, { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "BID", "id": "48610" }, { "db": "BID", "id": "78576" }, { "db": "BID", "id": "51749" }, { "db": "PACKETSTORM", "id": "109259" }, { "db": "PACKETSTORM", "id": "103239" }, { "db": "PACKETSTORM", "id": "109299" }, { "db": "PACKETSTORM", "id": "104072" } ], "trust": 2.79 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2011-1780", "trust": 3.3 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2011/07/07/3", "trust": 2.7 }, { "db": "BID", "id": "51749", "trust": 0.9 }, { "db": "JVNDB", "id": "JVNDB-2011-005254", "trust": 0.8 }, { "db": "SECUNIA", "id": "47804", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201201-419", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2011:1163", "trust": 0.6 }, { "db": "REDHAT", "id": "RHSA-2011:1065", "trust": 0.6 }, { "db": "SECUNIA", "id": "53555", "trust": 0.6 }, { "db": "SECUNIA", "id": "45889", "trust": 0.6 }, { "db": "SECUNIA", "id": "45328", "trust": 0.6 }, { "db": "MLIST", "id": "[OSS-SECURITY] 20110707 CVE-2011-1780, CVE-2011-1936, KERNEL/XEN ISSUES", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201107-366", "trust": 0.6 }, { "db": "HITACHI", "id": "HS12-005", "trust": 0.4 }, { "db": "BID", "id": "48610", "trust": 0.3 }, { "db": "BID", "id": "78576", "trust": 0.3 }, { "db": "PACKETSTORM", "id": "109259", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "103239", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "109299", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "104072", "trust": 0.1 } ], "sources": [ { "db": "BID", "id": "48610" }, { "db": "BID", "id": "78576" }, { "db": "BID", "id": "51749" }, { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "PACKETSTORM", "id": "109259" }, { "db": "PACKETSTORM", "id": "103239" }, { "db": "PACKETSTORM", "id": "109299" }, { "db": "PACKETSTORM", "id": "104072" }, { "db": "CNNVD", "id": "CNNVD-201201-419" }, { "db": "CNNVD", "id": "CNNVD-201107-366" }, { "db": "NVD", "id": "CVE-2011-1780" } ] }, "id": "VAR-201401-0009", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VARIoT devices database", "id": null } ], "trust": 0.225 }, "last_update_date": "2024-06-14T21:28:49.913000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Bug 702657", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=702657" }, { "title": "RHSA-2011:1163", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2011-1163.html" }, { "title": "RHSA-2011:1065", "trust": 0.8, "url": "http://rhn.redhat.com/errata/rhsa-2011-1065.html" }, { "title": "Top Page", "trust": 0.8, "url": "http://www.xenproject.org/" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-005254" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-20", "trust": 1.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "NVD", "id": "CVE-2011-1780" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.7, "url": "http://www.openwall.com/lists/oss-security/2011/07/07/3" }, { "trust": 1.8, "url": "http://rhn.redhat.com/errata/rhsa-2011-1065.html" }, { "trust": 1.7, "url": "http://rhn.redhat.com/errata/rhsa-2011-1163.html" }, { "trust": 1.6, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=702657" }, { "trust": 0.9, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1780" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-1780" }, { "trust": 0.6, "url": "http://www.securityfocus.com/bid/51749" }, { "trust": 0.6, "url": "http://secunia.com/advisories/45328" }, { "trust": 0.6, "url": "http://secunia.com/advisories/45889" }, { "trust": 0.6, "url": "http://secunia.com/advisories/47804" }, { "trust": 0.6, "url": "http://secunia.com/advisories/53555" }, { "trust": 0.4, "url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hs12-005/index.html" }, { "trust": 0.3, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2011-1780" }, { "trust": 0.3, "url": "http://permalink.gmane.org/gmane.comp.security.oss.general/5435" }, { "trust": 0.3, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2011-1936" }, { "trust": 0.3, "url": "http://wiki.openvz.org/download/kernel/rhel5/028stab092.2" }, { "trust": 0.3, "url": "http://xen.xensource.com/" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100147390" }, { "trust": 0.3, "url": "http://support.avaya.com/css/p8/documents/100148240" }, { "trust": 0.3, "url": "http://www.hds.com/products/storage-software/hitachi-device-manager.html" }, { "trust": 0.2, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2011-1780.html" }, { "trust": 0.2, "url": "https://access.redhat.com/kb/docs/doc-11259" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/key/#package" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1780" }, { "trust": 0.2, "url": "http://bugzilla.redhat.com/):" }, { "trust": 0.2, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2525" }, { "trust": 0.2, "url": "https://www.redhat.com/security/data/cve/cve-2011-2525.html" }, { "trust": 0.2, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.2, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.1, "url": "https://ca.secunia.com/?page=viewadvisory\u0026vuln_id=47804" }, { "trust": 0.1, "url": "http://secunia.com/company/jobs/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_intelligence/" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hs12-005/index.html" }, { "trust": 0.1, "url": "http://secunia.com/vulnerability_scanning/personal/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/47804/#comments" }, { "trust": 0.1, "url": "http://secunia.com/advisories/47804/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-2689" }, { "trust": 0.1, "url": "https://docs.redhat.com/docs/en-us/red_hat_enterprise_linux/5/html/5.7_tech" }, { "trust": 0.1, "url": "https://docs.redhat.com/docs/en-us/red_hat_enterprise_linux/5/html/5.7_technical_notes/kernel.html#rhsa-2011-1065" }, { "trust": 0.1, "url": "https://www.redhat.com/security/data/cve/cve-2011-2689.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0711" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2495" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2901" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2522" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1166" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1015" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1163" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1573" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1093" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2525" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1746" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/1055" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2192" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-4649" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-4649" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1078" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1170" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1745" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1015" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3560" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1163" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1936" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1494" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1573" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2689" }, { "trust": 0.1, "url": "http://downloads.vmware.com/go/selfsupport-download" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/eos_vi.html" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2519" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0726" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3560" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/2009143" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1763" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1166" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1044" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2482" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-3493" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1078" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1521" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0711" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1171" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2213" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/eos.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1079" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0547" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-0787" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1521" }, { "trust": 0.1, "url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1577" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2491" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2059" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1172" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1172" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0726" }, { "trust": 0.1, "url": "http://www.vmware.com/security/advisories" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-2089" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2009-3720" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1678" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1182" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1080" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1080" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1634" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-0695" }, { "trust": 0.1, "url": "http://www.vmware.com/support/policies/security_response.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1494" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0787" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0695" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2517" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1079" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1044" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3720" }, { "trust": 0.1, "url": "http://kb.vmware.com/kb/2009142" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2022" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1593" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1182" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1170" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2089" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2694" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0547" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-2492" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-2059" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1495" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1093" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-3493" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1576" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-3378" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2010-1634" }, { "trust": 0.1, "url": "https://nvd.nist.gov/vuln/detail/cve-2011-1171" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1495" }, { "trust": 0.1, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-1776" }, { "trust": 0.1, "url": "https://rhn.redhat.com/errata/rhsa-2009-1243.html" } ], "sources": [ { "db": "BID", "id": "48610" }, { "db": "BID", "id": "78576" }, { "db": "BID", "id": "51749" }, { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "PACKETSTORM", "id": "109259" }, { "db": "PACKETSTORM", "id": "103239" }, { "db": "PACKETSTORM", "id": "109299" }, { "db": "PACKETSTORM", "id": "104072" }, { "db": "CNNVD", "id": "CNNVD-201201-419" }, { "db": "CNNVD", "id": "CNNVD-201107-366" }, { "db": "NVD", "id": "CVE-2011-1780" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "BID", "id": "48610" }, { "db": "BID", "id": "78576" }, { "db": "BID", "id": "51749" }, { "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "db": "PACKETSTORM", "id": "109259" }, { "db": "PACKETSTORM", "id": "103239" }, { "db": "PACKETSTORM", "id": "109299" }, { "db": "PACKETSTORM", "id": "104072" }, { "db": "CNNVD", "id": "CNNVD-201201-419" }, { "db": "CNNVD", "id": "CNNVD-201107-366" }, { "db": "NVD", "id": "CVE-2011-1780" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2011-07-07T00:00:00", "db": "BID", "id": "48610" }, { "date": "2014-01-07T00:00:00", "db": "BID", "id": "78576" }, { "date": "2012-01-31T00:00:00", "db": "BID", "id": "51749" }, { "date": "2014-01-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "date": "2012-01-31T06:49:21", "db": "PACKETSTORM", "id": "109259" }, { "date": "2011-07-21T23:12:27", "db": "PACKETSTORM", "id": "103239" }, { "date": "2012-01-30T12:12:00", "db": "PACKETSTORM", "id": "109299" }, { "date": "2011-08-16T12:12:00", "db": "PACKETSTORM", "id": "104072" }, { "date": "1900-01-01T00:00:00", "db": "CNNVD", "id": "CNNVD-201201-419" }, { "date": "2011-07-25T00:00:00", "db": "CNNVD", "id": "CNNVD-201107-366" }, { "date": "2014-01-07T19:55:05.923000", "db": "NVD", "id": "CVE-2011-1780" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2013-05-27T14:54:00", "db": "BID", "id": "48610" }, { "date": "2014-01-07T00:00:00", "db": "BID", "id": "78576" }, { "date": "2012-01-31T00:00:00", "db": "BID", "id": "51749" }, { "date": "2014-01-09T00:00:00", "db": "JVNDB", "id": "JVNDB-2011-005254" }, { "date": "2012-02-02T00:00:00", "db": "CNNVD", "id": "CNNVD-201201-419" }, { "date": "2014-01-08T00:00:00", "db": "CNNVD", "id": "CNNVD-201107-366" }, { "date": "2014-01-08T17:46:32.900000", "db": "NVD", "id": "CVE-2011-1780" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "network", "sources": [ { "db": "BID", "id": "78576" }, { "db": "BID", "id": "51749" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Xen Service disruption in instruction emulation (DoS) Vulnerabilities", "sources": [ { "db": "JVNDB", "id": "JVNDB-2011-005254" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "xss", "sources": [ { "db": "PACKETSTORM", "id": "109259" }, { "db": "CNNVD", "id": "CNNVD-201201-419" } ], "trust": 0.7 } }
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.