[kernel-xen] [Xen-announce] Xen Security Advisory 56 (CVE-2013-2072) - Buffer overflow in xencontrol Python bindings affecting xend

Adi Pircalabu adi at ddns.com.au
Mon May 20 09:38:24 EST 2013


On 2013-05-19 09:47, Steven Haigh wrote:
> The 'exploit' is very limited in scope and I highly doubt that anyone
> is running a configuration that lets untrusted administrators at a
> position that would exploit this.

Fully agree, shouldn't turn a management flaw into a technical issue. If 
there'll be no change in the scope I'd say it's wise to wait, this way 
many will avoid the testing overhead linked always to rolling out new 
packages.

-- 
Adi Pircalabu, System Administrator
Discount Domain Name Services Pty Ltd, a Total Internet Company
PO Box 887, Hawthorn Vic 3122, Australia, T +61 3 9815 6868
Ask me about cloud hosting services


More information about the kernel-xen mailing list