CVE-2008-5716 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-5716): xend in Xen 3.3.0 does not properly restrict a guest VM's write access within the /local/domain xenstore directory tree, which allows guest OS users to cause a denial of service and possibly have unspecified other impact by writing to (1) console/tty, (2) console/limit, or (3) image/device-model-pid. NOTE: this issue exists because of erroneous set_permissions calls in the fix for CVE-2008-4405.
*** This bug has been marked as a duplicate of bug 241146 ***