Summary
A number of security vulnerabilities have been identified in Citrix XenServer.
These vulnerabilities affect all currently supported versions of Citrix XenServer up to and including Citrix XenServer 6.2 Service Pack 1.
The following vulnerabilities have been addressed:
- CVE-2014-4021: Citrix XenServer potential guest information leak through hypervisor page reuse
- CVE-2014-4947: Buffer overflow in Citrix XenServer HVM graphics console support
- CVE-2014-4948: Citrix XenServer guest denial of service and information leak through guest VHD modification
Solution
Apply the hotfix referenced in the advisory
Affected
Citrix XenServer 6.2 Service Pack 1
Citrix XenServer 6.1
Citrix XenServer 6.0.2
Citrix XenServer 6.0.0
Detection
Check the installed hotfixes
References
Updated on 2015-03-25
Severity
Classification
- CVE: CVE-2014-4021, CVE-2014-4947, CVE-2014-4948
- CVSS Base Score: 10.0
  AV:N/AC:L/Au:N/C:C/I:C/A:C