Vendor: Xen
By: SecurityFocus
CVSS: 7.2 (HIGH)
Authentication-Bypass
CWE: 287
Product Name: Xen
Affected Version From: Xen 3.0.3
Affected Version To: Xen 3.3.1
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Xen Local Authentication-Bypass Vulnerability
A local attacker with physical access to an affected host can exploit this issue to bypass authentication and modify the 'grub.conf' file. This may aid in a complete compromise of the affected system. To exploit this vulnerability, an attacker can run the 'xm create -c guest' command, press the space bar to stop the GRUB countdown, press 'e' to edit, select the kernel line and press 'e', append a '1' to the end of the kernel line and press return, and then press 'b' to boot.
Mitigation:
Ensure physical access to the system is restricted.