| VID |
50028 |
| Severity |
20 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version xVM VirtualBox which is older than 4.1.22 has been installed on the host
The remote Windows host has an application that is affected by local denial of service vulnerabilities.
The remote host contains a version of Sun xVM VirtualBox, an open source virtualization platform, before 4.1.22. Such versions have a local denial of service vulnerability caused by invocation of software interrupt 0x8 from userspace.
An attacker with access to the guest VM could leverage this to cause a
denial of service.
* Note: This check requires an account with Guest or upper privileges which can access the registry of the remote host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/
https://www.virtualbox.org/wiki/Changelog
* Platforms Affected:
Sun xVM VirtualBox prior to 4.1.22 |
| Recommendation |
Upgrade to the latest version of xVM VirtualBox (4.1.22 or later), available from the Mozilla Firefox Download Web page at http://www.virtualbox.org/wiki/Downloads |
| Related URL |
(CVE) |
| Related URL |
55471 (SecurityFocus) |
| Related URL |
(ISS) |
|
