Citrix has released security updates to address vulnerabilities in its XenServer. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The host compromise issue (CVE-2016-2074) affects Citrix XenServer versions 7.0 and 7.1 CU1 only.
The denial of service issues affect all supported versions of Citrix XenServer prior to version 7.4.
CERT Bulgaria recommends users and administrators to review the Citrix Security Bulletin CTX232655 and apply the necessary updates.
Citrix strongly recommends that affected customers install these hotfixes as soon as possible.