Detections
Analytics

VMSA-2010-0006 : ESX Service Console updates for samba and acpid

medium Nessus Plugin ID 45402

Language:

Synopsis

The remote VMware ESX host is missing one or more security-related patches.

Description

a. Service Console update for samba to 3.0.33-3.15.el5_4.1

 This update changes the samba packages to samba-client-3.0.33-3.15.el5_4.1 and samba-common-3.0.33-3.15.el5_4.1. These versions include fixes for security issues that were first fixed in samba-client-3.0.33-0.18.el4_8 and samba-common-3.0.33-0.18.el4_8.
 The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the names CVE-2009-2906, CVE-2009-1888,CVE-2009-2813 and CVE-2009-2948 to these issues.

b. Service Console update for acpid to1.0.4-9.el5_4.2

 This updates changes the the acpid package to acpid-1.0.4-9.el5_4.2.
 This version includes the fix for a security issue that was first fixed in acpid-1.0.4-7.el5_4.1.

The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0798 to this issue.

Solution

Apply the missing patches.

See Also

http://lists.vmware.com/pipermail/security-announce/2011/000123.html

Plugin Details

Severity: Medium

ID: 45402

File Name: vmware_VMSA-2010-0006.nasl

Version: 1.20

Type: local

Published: 4/2/2010

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.6

CVSS v2

Risk Factor: Medium

Base Score: 6

Temporal Score: 4.4

Vector: CVSS2#AV:N/AC:M/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/o:vmware:esx:4.0

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Ease: No known exploits are available

Patch Publication Date: 4/1/2010

Reference Information

CVE: CVE-2009-0798, CVE-2009-1888, CVE-2009-2813, CVE-2009-2906, CVE-2009-2948

BID: 34692, 36363, 36572, 36573

CWE: 264, 399

VMSA: 2010-0006