Citrix XenServer Multiple Denial of Service Vulnerabilities

SA52353

CVE-2013-0153, CVE-2013-0215, CVE-2013-0216, CVE-2013-0217, CVE-2013-0231

27 Feb 2013

Not Critical

Vendor Patch

Local system

DoS (Denial of Service)

This includes vulnerabilities ranging from excessive resource consumption (e.g. causing a system to use a lot of memory) to crashing an application or an entire system.

Citrix has acknowledged multiple vulnerabilities in XenServer, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service).

For more information:
SA51881
SA52055
SA52056
SA52059

The vulnerabilities are reported in versions 6.1 and prior.

Apply updates.

Citrix XenServer version 6.1:
Apply XS61E013 and XS61E014
http://support.citrix.com/article/CTX136482
http://support.citrix.com/article/CTX136483

Citrix XenServer 6.0.2:
Apply XS602E020 and XS602E021
http://support.citrix.com/article/CTX136478
http://support.citrix.com/article/CTX136479

Citrix XenServer 6.0.2 CC:
Apply XS602ECC003 and XS602ECC004
http://support.citrix.com/article/CTX136480
http://support.citrix.com/article/CTX136481

Citrix XenServer 6.0.0:
Apply XS60E026 and XS60E027
http://support.citrix.com/article/CTX136476
http://support.citrix.com/article/CTX136477

Citrix XenServer 5.6 Service Pack 2:
Apply XS56ESP2023 and XS56ESP2024
http://support.citrix.com/article/CTX136474
http://support.citrix.com/article/CTX136475

Citrix XenServer 5.6 Feature Pack 1:
Apply XS56EFP1015 and XS56EFP1016
http://support.citrix.com/article/CTX136472
http://support.citrix.com/article/CTX136473

Citrix XenServer 5.6:
Apply XS56E017
http://support.citrix.com/article/CTX136470

Citrix XenServer 5.6 CC:
Apply XS56ECC007
http://support.citrix.com/article/CTX136471

Citrix XenServer 5.5 Update 2:
Apply XS55EU2015
http://support.citrix.com/article/CTX136469

Citrix XenServer 5.0 Update 3:
Apply XS50EU3015
http://support.citrix.com/article/CTX136468

http://support.citrix.com/article/CTX136540