Oval Definition:	oval:org.mitre.oval:def:9466
Revision Date: 2013-04-29 Version: 12 Title: The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password. Description: The pyGrub boot loader in Xen 3.0.3, 3.3.0, and Xen-3.3.1 does not support the password option in grub.conf for para-virtualized guests, which allows attackers with access to the para-virtualized guest console to boot the guest or modify the guest's kernel boot parameters without providing the expected password. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2009-3525 Platform(s): CentOS Linux 5 Oracle Linux 5 Red Hat Enterprise Linux 5 Product(s): Definition Synopsis RHEL5, CentOS5 or Oracle Linux 5 The operating system installed on the system is Red Hat Enterprise Linux 5 OR The operating system installed on the system is CentOS Linux 5.x OR Oracle Linux 5.x AND Configuration section xen-libs is earlier than 0:3.0.3-94.el5_4.1 OR xen is earlier than 0:3.0.3-94.el5_4.1 OR xen-devel is earlier than 0:3.0.3-94.el5_4.1
BACK