PT-2019-6508 · Xen · Dtc-Xen
Thomas Goirand
+1
·
Publicado
2019-11-09
·
Atualizado
2019-11-12
·
CVE-2009-4011
CVSS v2.0
6.8
Média
| Vetor | AV:N/AC:M/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
dtc-xen versions 0.5.x before 0.5.4
Description
The issue is related to a race condition that could allow an attacker to gain bash access as the xenXX user on the dom0, potentially reusing an already opened VPS console.
Recommendations
For dtc-xen versions 0.5.x before 0.5.4, update to version 0.5.4 or later to resolve the issue.
Correção
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Dtc-Xen