Xen 'xenmon.py' and 'xenbaked' Insecure Temporary File Creation Vulnerability

Bugtraq ID: 26190
Class: Design Error
CVE: CVE-2007-3919
Remote: No
Local: Yes
Published: Oct 23 2007 12:00AM
Updated: May 13 2008 08:55PM
Credit: Steve Kemp from Debian disclosed this vulnerability.
Vulnerable: XenSource Xen 3.0
Redhat Fedora Core7
Redhat Enterprise Linux Virtualization 5 Server
Redhat Enterprise Linux Desktop Workstation 5 client
Redhat Enterprise Linux Desktop Multi OS 5 client
Redhat Enterprise Linux 5 Server
Mandriva Linux Mandrake 2007.1 x86_64
Mandriva Linux Mandrake 2007.1
Mandriva Linux Mandrake 2007.0 x86_64
Mandriva Linux Mandrake 2007.0
MandrakeSoft Corporate Server 4.0 x86_64
MandrakeSoft Corporate Server 4.0
Debian Linux 4.0 sparc
Debian Linux 4.0 s/390
Debian Linux 4.0 powerpc
Debian Linux 4.0 mipsel
Debian Linux 4.0 mips
Debian Linux 4.0 m68k
Debian Linux 4.0 ia-64
Debian Linux 4.0 ia-32
Debian Linux 4.0 hppa
Debian Linux 4.0 arm
Debian Linux 4.0 amd64
Debian Linux 4.0 alpha
Debian Linux 4.0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus