JVN/CVE Demo: Cveinfos

CVE

Id: 56739
CVE No.: CVE-2012-3496
Status: Candidate
Description: XENMEM_populate_physmap in Xen 4.0, 4.1, and 4.2, and Citrix XenServer 6.0.2 and earlier, when translating paging mode is not used, allows local PV OS guest kernels to cause a denial of service (BUG triggered and host crash) via invalid flags such as MEMF_populate_on_demand.
Phase: Assigned (20120614)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
587506	56739	CVE-2012-3496	MLIST:[Xen-announce] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability	View
587507	56739	CVE-2012-3496	URL:http://lists.xen.org/archives/html/xen-announce/2012-09/msg00002.html	View
587508	56739	CVE-2012-3496	MLIST:[oss-security] 20120905 Xen Security Advisory 14 (CVE-2012-3496) - XENMEM_populate_physmap DoS vulnerability	View
587509	56739	CVE-2012-3496	URL:http://www.openwall.com/lists/oss-security/2012/09/05/7	View
587510	56739	CVE-2012-3496	MISC:https://bugzilla.redhat.com/show_bug.cgi?id=854590	View
587511	56739	CVE-2012-3496	CONFIRM:http://support.citrix.com/article/CTX134708	View
587512	56739	CVE-2012-3496	CONFIRM:http://wiki.xen.org/wiki/Security_Announcements#XSA-14_XENMEM_populate_physmap_DoS_vulnerability	View
587513	56739	CVE-2012-3496	DEBIAN:DSA-2544	View
587514	56739	CVE-2012-3496	URL:http://www.debian.org/security/2012/dsa-2544	View
587515	56739	CVE-2012-3496	GENTOO:GLSA-201309-24	View
587516	56739	CVE-2012-3496	URL:http://security.gentoo.org/glsa/glsa-201309-24.xml	View
587517	56739	CVE-2012-3496	SUSE:openSUSE-SU-2012:1172	View
587518	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00017.html	View
587519	56739	CVE-2012-3496	SUSE:openSUSE-SU-2012:1174	View
587520	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00018.html	View
587521	56739	CVE-2012-3496	SUSE:SUSE-SU-2012:1132	View
587522	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00003.html	View
587523	56739	CVE-2012-3496	SUSE:SUSE-SU-2012:1133	View
587524	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00004.html	View
587525	56739	CVE-2012-3496	SUSE:SUSE-SU-2012:1162	View
587526	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-09/msg00012.html	View
587527	56739	CVE-2012-3496	SUSE:openSUSE-SU-2012:1572	View
587528	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00017.html	View
587529	56739	CVE-2012-3496	SUSE:openSUSE-SU-2012:1573	View
587530	56739	CVE-2012-3496	URL:http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00018.html	View
587531	56739	CVE-2012-3496	BID:55412	View
587532	56739	CVE-2012-3496	URL:http://www.securityfocus.com/bid/55412	View
587533	56739	CVE-2012-3496	OSVDB:85200	View
587534	56739	CVE-2012-3496	URL:http://www.osvdb.org/85200	View
587535	56739	CVE-2012-3496	SECTRACK:1027481	View
587536	56739	CVE-2012-3496	URL:http://securitytracker.com/id?1027481	View
587537	56739	CVE-2012-3496	SECUNIA:50472	View
587538	56739	CVE-2012-3496	URL:http://secunia.com/advisories/50472	View
587539	56739	CVE-2012-3496	SECUNIA:50530	View
587540	56739	CVE-2012-3496	URL:http://secunia.com/advisories/50530	View
587541	56739	CVE-2012-3496	SECUNIA:51413	View
587542	56739	CVE-2012-3496	URL:http://secunia.com/advisories/51413	View
587543	56739	CVE-2012-3496	SECUNIA:55082	View
587544	56739	CVE-2012-3496	URL:http://secunia.com/advisories/55082	View
587545	56739	CVE-2012-3496	XF:xen-xenmempopulatephysmap-dos(78267)	View

Related JVN

Id	JVN No.	Title	Summary	CVE No.	CVE Id	CVSS_v2	CVSS_v3	JVN URL	Actions
28172	JVNDB-2012-003879	SquidClamav の squidclamav.c におけるサービス運用妨害 (デーモンクラッシュ) の脆弱性	SquidClamav の squidclamav.c 内の squidclamav_check_preview_handler 関数は、システムコマンドの呼び出しにエスケープされない URL を渡すため、サービス運用妨害 (デーモンクラッシュ) 状態となる脆弱性が存在します。	CVE-2012-3501	56739	5		http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003879.html	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.33 MB
View render complete	2.79 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.87
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	430.70
Event: Controller.beforeRender	7.22
» Processing toolbar data	7.10
Rendering View	18.84
» Event: View.beforeRender	0.03
» Rendering APP/View/Cveinfos/view.ctp	17.56
» Event: View.afterRender	0.03
» Event: View.beforeLayout	0.03
» Rendering APP/View/Layouts/default.ctp	0.69
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.12
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/56739
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/56739
Remote Port	18246
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.91
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.25.144
Http Via	1.1 squid-proxy-5b5d847c96-d7gsx (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.91
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.91
Unique Id	aSD4D_xRDfLZAPCzKD35-AAAAYs
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.91
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.91
Redirect Unique Id	aSD4D_xRDfLZAPCzKD35-AAAAYs
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.91
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.91
Redirect Redirect Unique Id	aSD4D_xRDfLZAPCzKD35-AAAAYs
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1763768335.6211
Request Time	1763768335

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files