http://lists.vmware.com/pipermail/security-announce/2007/000001.html
Severity: Critical
ID: 40370
File Name: vmware_VMSA-2007-0006.nasl
Version: 1.25
Type: local
Family: VMware ESX Local Security Checks
Published: 7/27/2009
Updated: 1/6/2021
Supported Sensors: Nessus
Risk Factor: High
Score: 7.4
Risk Factor: Critical
Base Score: 10
Temporal Score: 8.3
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE: cpe:/o:vmware:esx:2.0.2, cpe:/o:vmware:esx:2.1.3, cpe:/o:vmware:esx:2.5.3, cpe:/o:vmware:esx:2.5.4, cpe:/o:vmware:esx:3.0.0, cpe:/o:vmware:esx:3.0.1, cpe:/o:vmware:esx:3.0.2
Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 9/18/2007
Vulnerability Publication Date: 7/30/2004
CANVAS (CANVAS)
Core Impact
Metasploit (Samba "username map script" Command Execution)
CVE: CVE-2004-0813, CVE-2006-1174, CVE-2006-3619, CVE-2006-4146, CVE-2006-4600, CVE-2007-0061, CVE-2007-0062, CVE-2007-0063, CVE-2007-0494, CVE-2007-1716, CVE-2007-1856, CVE-2007-2442, CVE-2007-2443, CVE-2007-2446, CVE-2007-2447, CVE-2007-2798, CVE-2007-4059, CVE-2007-4155, CVE-2007-4496, CVE-2007-4497
BID: 18111, 19832, 22231, 23520, 25729, 25731, 25732, 23972, 23973, 24195, 24196, 24197, 24198, 24653, 24655, 24657, 25110, 25131