xen-tools -- delimiter injection vulnerabilities in pygrub
The Xen Project reports:
pygrub, the boot loader emulator, fails to quote (or sanity check)
its results when reporting them to its caller.
A malicious guest administrator can obtain the contents of
sensitive host files (an information leak). Additionally, a
malicious guest administrator can cause files on the host to be
removed, causing a denial of service. In some unusual host
configurations, ability to remove certain files may be usable for

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright