The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Citrix XenDesktop
glibc: buffer overflow of getaddrinfo
An attacker, who owns a malicious DNS server, can reply with long data to a client application using the getaddrinfo() function of the glibc, in order to trigger a denial of service, and possibly to run code in the client application...
046146, 046151, 046153, 046155, 046158, 1977665, 478832, 479427, 479906, 480572, 480707, 480708, ARUBA-PSA-2016-001, BSA-2016-003, BSA-2016-004, CERTFR-2016-AVI-066, CERTFR-2016-AVI-071, CERTFR-2017-AVI-012, CERTFR-2017-AVI-022, cisco-sa-20160218-glibc, CTX206991, CVE-2015-7547, DSA-2019-197, ESA-2016-020, ESA-2016-027, ESA-2016-028, ESA-2016-029, ESA-2016-030, FEDORA-2016-0480defc94, FEDORA-2016-0f9e9a34ce, JSA10774, JSA11023, KB #4858, openSUSE-SU-2016:0490-1, openSUSE-SU-2016:0510-1, openSUSE-SU-2016:0511-1, openSUSE-SU-2016:0512-1, PAN-SA-2016-0021, RHSA-2016:0175-01, RHSA-2016:0176-01, RHSA-2016:0225-01, SA114, SB10150, SOL47098834, SSA:2016-054-02, SSA-301706, SUSE-SU-2016:0470-1, SUSE-SU-2016:0471-1, SUSE-SU-2016:0472-1, SUSE-SU-2016:0473-1, USN-2900-1, VIGILANCE-VUL-18956, VMSA-2016-0002, VMSA-2016-0002.1, VN-2016-003 |
OpenSSL: information disclosure via Heartbeat
An attacker can use the Heartbeat protocol on an application compiled with OpenSSL, in order to obtain sensitive information, such as keys stored in memory...
1669839, 190438, 2076225, 2962393, c04236102, c04267775, c04286049, CA20140413-01, CERTFR-2014-ALE-003, CERTFR-2014-AVI-156, CERTFR-2014-AVI-161, CERTFR-2014-AVI-162, CERTFR-2014-AVI-167, CERTFR-2014-AVI-169, CERTFR-2014-AVI-177, CERTFR-2014-AVI-178, CERTFR-2014-AVI-179, CERTFR-2014-AVI-180, CERTFR-2014-AVI-181, CERTFR-2014-AVI-198, CERTFR-2014-AVI-199, CERTFR-2014-AVI-213, cisco-sa-20140409-heartbleed, CTX140605, CVE-2014-0160, CVE-2014-0346-REJECT, DSA-2896-1, DSA-2896-2, emr_na-c04236102-7, ESA-2014-034, ESA-2014-036, ESA-2014-075, FEDORA-2014-4879, FEDORA-2014-4910, FEDORA-2014-4982, FEDORA-2014-4999, FG-IR-14-011, FreeBSD-SA-14:06.openssl, Heartbleed, HPSBMU02995, HPSBMU03025, HPSBMU03040, ICSA-14-105-03, JSA10623, MDVSA-2014:123, MDVSA-2015:062, NetBSD-SA2014-004, openSUSE-SU-2014:0492-1, openSUSE-SU-2014:0560-1, openSUSE-SU-2014:0719-1, pfSense-SA-14_04.openssl, RHSA-2014:0376-01, RHSA-2014:0377-01, RHSA-2014:0378-01, RHSA-2014:0396-01, RHSA-2014:0416-01, SA40005, SA79, SB10071, SOL15159, SPL-82696, SSA:2014-098-01, SSA-635659, SSRT101565, USN-2165-1, VIGILANCE-VUL-14534, VMSA-2014-0004, VMSA-2014-0004.1, VMSA-2014-0004.2, VMSA-2014-0004.3, VMSA-2014-0004.6, VMSA-2014-0004.7, VU#720951 |
Xen: denial of service via the paging management
An attacker can raise a fatal exception in the page table management of Xen, in order to trigger a denial of service...
BID-60799, CERTA-2013-AVI-394, CERTA-2013-AVI-496, CTX138134, CTX138633, CVE-2013-1432, DSA-3006-1, FEDORA-2013-11837, FEDORA-2013-11871, FEDORA-2013-11874, openSUSE-SU-2013:1392-1, openSUSE-SU-2013:1404-1, SUSE-SU-2014:0446-1, VIGILANCE-VUL-13010, XSA-58 |
Xen: privilege escalation via libelf
An attacker, who is administrator in a PV/HVM kernel, can load a malicious kernel/firmware, to corrupt the memory of libelf of Xen, in order to escalate his privileges on the host system...
BID-60701, BID-60702, BID-60703, CERTA-2013-AVI-380, CERTA-2013-AVI-496, CTX138058, CTX138633, CVE-2013-2194, CVE-2013-2195, CVE-2013-2196, DSA-3006-1, FEDORA-2013-10929, FEDORA-2013-10941, SUSE-SU-2013:1314-1, SUSE-SU-2014:0411-1, SUSE-SU-2014:0446-1, SUSE-SU-2014:0470-1, VIGILANCE-VUL-12914, XSA-55 |
Xen: denial of service via pciback
An attacker, who is located in a guest system, can trigger numerous PCI errors, in order to overload the host system...
BID-57740, CERTA-2013-AVI-098, CERTA-2013-AVI-158, CERTA-2013-AVI-259, CERTA-2013-AVI-412, CERTA-2013-AVI-496, CTX136540, CTX138633, CVE-2013-0231, DSA-2632-1, FEDORA-2013-2728, MDVSA-2013:194, openSUSE-SU-2013:0395-1, openSUSE-SU-2013:0396-1, openSUSE-SU-2013:0925-1, openSUSE-SU-2013:1619-1, RHSA-2013:0747-01, SUSE-SU-2013:0674-1, SUSE-SU-2013:0759-1, SUSE-SU-2013:0759-2, SUSE-SU-2013:0786-1, SUSE-SU-2019:14051-1, VIGILANCE-VUL-12380, XSA-43 |
Our database contains other pages. You can request a free trial to read them.
|