HomePentest-Tools.com Logo

Citrix NetScaler Service Delivery Appliance Multiple Security Updates (CTX206006) CVE-2015-4163CVE-2015-4106CVE-2015-4105CVE-2015-4104CVE-2015-4103CVE-2015-2756

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

A number of vulnerabilities have been identified in the Citrix NetScaler Service Delivery Appliance (SDX) that could allow a malicious administrative user to crash the host or other VMs and execute arbitrary code on the SDX host.

Risk description

The following vulnerabilities exist: - CVE-2015-4163: GNTTABOP_swap_grant_ref operation misbehaviour - CVE-2015-4106: Unmediated PCI register access in qemu - CVE-2015-4105: Guest triggerable qemu MSI-X pass-through error messages - CVE-2015-4104: PCI MSI mask bits inadvertently exposed to guests - CVE-2015-4103: Potential unintended writes to host MSI message data field via qemu - CVE-2015-2756: Unmediated PCI command register access in qemu

Recommendation

See the referenced vendor advisory for a solution.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Apr 1, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available