Vulnerabilities > CVE-2009-3940 - Unspecified vulnerability in SUN Virtualbox and XVM Virtualbox
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors.
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_0_VIRTUALBOX-OSE-100126.NASL description This update of virtualbox-ose fixes a memory consumption bug in the kernel code that can be used to allocate almost all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1 (LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P) last seen 2020-06-01 modified 2020-06-02 plugin id 44363 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44363 title openSUSE Security Update : virtualbox-ose (virtualbox-ose-1874) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update virtualbox-ose-1874. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44363); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:37"); script_cve_id("CVE-2009-3940"); script_name(english:"openSUSE Security Update : virtualbox-ose (virtualbox-ose-1874)"); script_summary(english:"Check for the virtualbox-ose-1874 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of virtualbox-ose fixes a memory consumption bug in the kernel code that can be used to allocate almost all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1 (LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=556031" ); script_set_attribute( attribute:"solution", value:"Update the affected virtualbox-ose packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-guest-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xorg-x11-driver-virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.0"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.0)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.0", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.0", reference:"virtualbox-ose-1.5.6-33.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"virtualbox-ose-guest-tools-1.5.6-33.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"virtualbox-ose-kmp-debug-1.5.6_2.6.25.20_0.5-33.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"virtualbox-ose-kmp-default-1.5.6_2.6.25.20_0.5-33.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"virtualbox-ose-kmp-pae-1.5.6_2.6.25.20_0.5-33.4") ) flag++; if ( rpm_check(release:"SUSE11.0", reference:"xorg-x11-driver-virtualbox-ose-1.5.6-33.4") ) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "virtualbox-ose"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_1_VIRTUALBOX-OSE-100126.NASL description This update of virtualbox-ose fixes a memory consumption bug in the kernel code that can be used to allocate almost all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1 (LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P) last seen 2020-06-01 modified 2020-06-02 plugin id 44369 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44369 title openSUSE Security Update : virtualbox-ose (virtualbox-ose-1874) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update virtualbox-ose-1874. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44369); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:38"); script_cve_id("CVE-2009-3940"); script_name(english:"openSUSE Security Update : virtualbox-ose (virtualbox-ose-1874)"); script_summary(english:"Check for the virtualbox-ose-1874 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of virtualbox-ose fixes a memory consumption bug in the kernel code that can be used to allocate almost all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1 (LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=556031" ); script_set_attribute( attribute:"solution", value:"Update the affected virtualbox-ose packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-guest-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-trace"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xorg-x11-driver-virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/26"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"virtualbox-ose-2.0.6-2.9.2") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"virtualbox-ose-guest-tools-2.0.6-2.9.2") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"virtualbox-ose-kmp-debug-2.0.6_2.6.27.42_0.1-2.9.2") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"virtualbox-ose-kmp-default-2.0.6_2.6.27.42_0.1-2.9.2") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"virtualbox-ose-kmp-pae-2.0.6_2.6.27.42_0.1-2.9.2") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"virtualbox-ose-kmp-trace-2.0.6_2.6.27.42_0.1-2.9.2") ) flag++; if ( rpm_check(release:"SUSE11.1", reference:"xorg-x11-driver-virtualbox-ose-2.0.6-2.9.2") ) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "virtualbox-ose"); }
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201001-04.NASL description The remote host is affected by the vulnerability described in GLSA-201001-04 (VirtualBox: Multiple vulnerabilities) Thomas Biege of SUSE discovered multiple vulnerabilities: A shell metacharacter injection in popen() (CVE-2009-3692) and a possible buffer overflow in strncpy() in the VBoxNetAdpCtl configuration tool. An unspecified vulnerability in VirtualBox Guest Additions (CVE-2009-3940). Impact : A local, unprivileged attacker with the permission to run VirtualBox could gain root privileges. A guest OS local user could cause a Denial of Service (memory consumption) on the guest OS via unknown vectors. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 44893 published 2010-02-25 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44893 title GLSA-201001-04 : VirtualBox: Multiple vulnerabilities code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201001-04. # # The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(44893); script_version("1.10"); script_cvs_date("Date: 2019/08/02 13:32:45"); script_cve_id("CVE-2009-3692", "CVE-2009-3940"); script_xref(name:"GLSA", value:"201001-04"); script_name(english:"GLSA-201001-04 : VirtualBox: Multiple vulnerabilities"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201001-04 (VirtualBox: Multiple vulnerabilities) Thomas Biege of SUSE discovered multiple vulnerabilities: A shell metacharacter injection in popen() (CVE-2009-3692) and a possible buffer overflow in strncpy() in the VBoxNetAdpCtl configuration tool. An unspecified vulnerability in VirtualBox Guest Additions (CVE-2009-3940). Impact : A local, unprivileged attacker with the permission to run VirtualBox could gain root privileges. A guest OS local user could cause a Denial of Service (memory consumption) on the guest OS via unknown vectors. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201001-04" ); script_set_attribute( attribute:"solution", value: "All users of the binary version of VirtualBox should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-bin-3.0.12' All users of the Open Source version of VirtualBox should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-ose-3.0.12' All users of the binary VirtualBox Guest Additions should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-guest-additions-3.0.12' All users of the Open Source VirtualBox Guest Additions should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-ose-additions-3.0.12'" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:virtualbox-bin"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:virtualbox-guest-additions"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:virtualbox-ose-additions"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/25"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"app-emulation/virtualbox-guest-additions", unaffected:make_list("ge 3.0.12"), vulnerable:make_list("lt 3.0.12"))) flag++; if (qpkg_check(package:"app-emulation/virtualbox-ose-additions", unaffected:make_list("ge 3.0.12"), vulnerable:make_list("lt 3.0.12"))) flag++; if (qpkg_check(package:"app-emulation/virtualbox-bin", unaffected:make_list("ge 3.0.12"), vulnerable:make_list("lt 3.0.12"))) flag++; if (qpkg_check(package:"app-emulation/virtualbox-ose", unaffected:make_list("ge 3.0.12"), vulnerable:make_list("lt 3.0.12"))) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get()); else security_hole(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "VirtualBox"); }
NASL family SuSE Local Security Checks NASL id SUSE_11_2_VIRTUALBOX-OSE-100121.NASL description This update of virtualbox-ose fixes a memory consumption bug in the kernel code that can be used to allocate almost all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1 (LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P) last seen 2020-06-01 modified 2020-06-02 plugin id 44373 published 2010-02-02 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/44373 title openSUSE Security Update : virtualbox-ose (virtualbox-ose-1874) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update virtualbox-ose-1874. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(44373); script_version("1.7"); script_cvs_date("Date: 2019/10/25 13:36:39"); script_cve_id("CVE-2009-3940"); script_name(english:"openSUSE Security Update : virtualbox-ose (virtualbox-ose-1874)"); script_summary(english:"Check for the virtualbox-ose-1874 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of virtualbox-ose fixes a memory consumption bug in the kernel code that can be used to allocate almost all physical memory. CVE-2009-3940: CVSS v2 Base Score: 2.1 (LOW) (AV:L/AC:L/Au:N/C:N/I:N/A:P)" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=556031" ); script_set_attribute( attribute:"solution", value:"Update the affected virtualbox-ose packages." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-guest-tools"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-debug"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-default"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-desktop"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:virtualbox-ose-kmp-pae"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:xorg-x11-driver-virtualbox-ose"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.2"); script_set_attribute(attribute:"patch_publication_date", value:"2010/01/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2010/02/02"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2010-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.2", reference:"virtualbox-ose-3.0.6-9.11.2") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"virtualbox-ose-guest-tools-3.0.6-9.11.2") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"virtualbox-ose-kmp-debug-3.0.6_2.6.31.8_0.1-9.11.2") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"virtualbox-ose-kmp-default-3.0.6_2.6.31.8_0.1-9.11.2") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"virtualbox-ose-kmp-desktop-3.0.6_2.6.31.8_0.1-9.11.2") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"virtualbox-ose-kmp-pae-3.0.6_2.6.31.8_0.1-9.11.2") ) flag++; if ( rpm_check(release:"SUSE11.2", reference:"xorg-x11-driver-virtualbox-ose-3.0.6-9.11.2") ) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "virtualbox-ose"); }
NASL family Windows NASL id VIRTUALBOX_GUEST_ADDITIONS_LOCAL_DOS.NASL description The remote Windows host is running a version of Sun VirtualBox Guest Additions earlier than 2.0.12 or 3.0.10. Such versions are potentially affected by a local denial of service vulnerability. last seen 2020-06-01 modified 2020-06-02 plugin id 42831 published 2009-11-17 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/42831 title Sun xVM VirtualBox Guest Additions < 2.0.12 / 3.0.10 Local DoS NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2010-059.NASL description A vulnerability has been found and corrected in virtualbox : Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors (CVE-2009-3940). Packages for 2008.0 are provided for Corporate Desktop 2008.0 customers. The updated packages have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 45030 published 2010-03-11 reporter This script is Copyright (C) 2010-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/45030 title Mandriva Linux Security Advisory : virtualbox (MDVSA-2010:059)