Vulnerability Name:

CVE-2011-1763 (CCN-67788)

Assigned:2011-05-31
Published:2011-05-31
Updated:2015-09-03
Summary:The get_free_port function in Xen allows local authenticated DomU users to cause a denial of service or possibly gain privileges via unspecified vectors involving a new event channel port.
CVSS v3 Severity:2.8 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): Required
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:7.7 High (CVSS v2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C)
5.7 Medium (Temporal CVSS v2 Vector: AV:A/AC:L/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): Low
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P)
1.3 Low (CCN Temporal CVSS v2 Vector: AV:L/AC:L/Au:S/C:N/I:N/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
6.5 Medium (REDHAT CVSS v2 Vector: AV:A/AC:H/Au:S/C:C/I:C/A:C)
4.8 Medium (REDHAT Temporal CVSS v2 Vector: AV:A/AC:H/Au:S/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Adjacent_Network
Access Complexity (AC): High
Authentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
Vulnerability Type:CWE-noinfo
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2011-1763

Source: CONFIRM
Type: UNKNOWN
http://downloads.avaya.com/css/P8/documents/100145416

Source: CCN
Type: XenSource Web site
Xen

Source: CCN
Type: RHSA-2011-0833
Important: kernel security and bug fix update

Source: REDHAT
Type: UNKNOWN
RHSA-2011:0833

Source: CCN
Type: SA44889
OpenVZ update for kernel

Source: CCN
Type: OpenVZ Web site
OpenVZ

Source: CCN
Type: OSVDB ID: 74649
Linux Kernel Xen Hypervisor Implementation New Event Channel Port Handling Local Privilege Escalation

Source: CCN
Type: BID-48048
Xen 'get_free_port()' Denial of Service Vulnerability

Source: CONFIRM
Type: UNKNOWN
https://bugzilla.redhat.com/show_bug.cgi?id=701240

Source: XF
Type: UNKNOWN
xen-getfreeport-dos(67788)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:xen:xen:*:*:*:*:*:*:*:*

    • Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*

    • Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:5::server:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/a:xensource:xen:*:*:*:*:*:*:*:*
  • AND
  • cpe:/o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux:5:*:client:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_eus:5.6.z::server:*:*:*:*:*
  • OR cpe:/o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.mitre.oval:def:22352
    P
    		ELSA-2011:0833: kernel security and bug fix update (Important)
    2014-07-21
    oval:org.mitre.oval:def:21965
    P
    		RHSA-2011:0833: kernel security and bug fix update (Important)
    2014-02-24
    oval:org.mitre.oval:def:20531
    V
    		VMware ESXi and ESX updates to third party library and ESX Service Console
    2014-01-20
    oval:com.ubuntu.precise:def:20111763000
    V
    		CVE-2011-1763 on Ubuntu 12.04 LTS (precise) - medium.
    2014-01-07
    oval:com.redhat.rhsa:def:20110833
    P
    		RHSA-2011:0833: kernel security and bug fix update (Important)
    2011-05-31
    BACK
    xen xen *
    xensource xen *
    redhat enterprise linux 5
    redhat enterprise linux 5
    redhat enterprise linux eus 5.6.z
    redhat enterprise linux long life 5.6