Vulnerability Name:

CVE-2008-5716 (CCN-47668)

Assigned:2008-12-18
Published:2008-12-18
Updated:2017-08-08
Summary:xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid.
Note: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405.
CVSS v3 Severity:5.1 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
5.5 Medium (Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
3.6 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P)
2.7 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:N/C:N/I:P/A:P/E:U/RL:TF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-264
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2008-5716

Source: CCN
Type: Xen-devel Mailing List, Thu, 18 Dec 2008 15:53:07 +0000
PATCH: Actually make /local/domain/$DOMID readonly to the gu

Source: MLIST
Type: UNKNOWN
[xen-devel] 20081218 PATCH: Actually make /local/domain/$DOMID readonly to the guest

Source: MLIST
Type: UNKNOWN
[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest

Source: MLIST
Type: UNKNOWN
[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest

Source: MLIST
Type: UNKNOWN
[xen-devel] 20081218 Re: PATCH: Actually make /local/domain/$DOMID readonly to the guest

Source: CCN
Type: oss-security Mailing List, Fri, 19 Dec 2008 10:59:40 +0100
CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)

Source: MLIST
Type: UNKNOWN
[oss-security] 20081219 CVE Request -- Xen (Upstream patch for CVE-2008-4405 is incomplete)

Source: BID
Type: UNKNOWN
31499

Source: CCN
Type: BID-31499
Xen XenStore Domain Configuration Data Unsafe Storage Vulnerability

Source: XF
Type: UNKNOWN
xen-xend-xenstore-dos(47668)

Source: XF
Type: UNKNOWN
xen-xend-xenstore-dos(47668)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:citrix:xen:3.3.0:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:com.ubuntu.precise:def:20084405000
    V
    		CVE-2008-5716 on Ubuntu 12.04 LTS (precise) - low.
    2008-10-03
    BACK
    citrix xen 3.3.0