CVE-2009-3525

Published: 05/10/2009 Updated: 19/09/2017
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
VMScore: 725
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password.

Vulnerable Product

xen xen 3.3.1

xen xen 3.0.3

xen xen 3.3.0

Exploits

source: www.securityfocus.com/bid/36523/info

Xen is prone to a local authentication-bypass vulnerability. A local attacker with physical access to an affected host can exploit this issue to bypass authentication and modify the 'grub.conf' file. This may aid in a complete compromise of the affected system. Xen 3.0.3, 3.3.0, and 3.3.1 are a ...