Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-4011

dtc-xen 0.5.x before 0.5.4 suffers from a race condition where an attacker could potentially get a bash access as xenXX user on the dom0, and then access a potentially reuse an already opened VPS console.

Related bugs and status

CVE-2009-4011 (Candidate) is related to these bugs:

Bug #426650: Please sync with the new package from SID

Summary				In	Importance	Status
	426650	Please sync with the new package from SID		dtc-xen (Ubuntu)	Undecided	Fix Released

Bug #505072: Please sync dtc-xen from SID

Summary				In	Importance	Status
	505072	Please sync dtc-xen from SID		dtc-xen (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://bugs.launchpad...
MISC: https://security-track...
MISC: https://tracker.debian...