First published: Thu Sep 27 2007(Updated: )
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest domain, allows local users with elevated privileges in the guest domain to execute arbitrary commands in domain 0 via a crafted grub.conf file whose contents are used in exec statements.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Xensource Inc Xen | =3.0.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.