Detections
Analytics
VMSA-2011-0012 : VMware ESXi and ESX updates to third-party libraries and ESX Service Console
high Nessus Plugin ID 56508
Language:
Synopsis
The remote VMware ESXi / ESX host is missing one or more security-related patches.Description
a. ESX third-party update for Service Console kernelThis update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1083, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4158, CVE-2010-4161, CVE-2010-4238, CVE-2010-4242, CVE-2010-4243, CVE-2010-4247, CVE-2010-4248, CVE-2010-4249, CVE-2010-4251, CVE-2010-4255, CVE-2010-4263, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4655, CVE-2011-0521, CVE-2011-0710, CVE-2011-1010, CVE-2011-1090 and CVE-2011-1478 to these issues.
b. ESX third-party update for Service Console krb5 RPMs
This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1, which resolves multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1323, CVE-2011-0281, and CVE-2011-0282 to these issues.
c. ESXi and ESX update to third-party component glibc
The glibc third-party library is updated to resolve multiple security issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-0296, CVE-2011-0536, CVE-2011-1071, CVE-2011-1095, CVE-2011-1658, and CVE-2011-1659 to these issues.
d. ESX update to third-party drivers mptsas, mpt2sas, and mptspi
The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas driver.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-1494 and CVE-2011-1495 to these issues.
Solution
Apply the missing patches.See Also
http://lists.vmware.com/pipermail/security-announce/2012/000164.html
Plugin Details
Severity: High
ID: 56508
File Name: vmware_VMSA-2011-0012.nasl
Version: 1.59
Type: local
Family: VMware ESX Local Security Checks
Published: 10/14/2011
Updated: 5/14/2023
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 8.9
CVSS v2
Risk Factor: High
Base Score: 7.9
Temporal Score: 6.9
Vector: CVSS2#AV:A/AC:M/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: High
Base Score: 8.1
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C
Vulnerability Information
CPE: cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esxi:4.0, cpe:/o:vmware:esxi:5.0, cpe:/o:vmware:esx:4.1, cpe:/o:vmware:esxi:3.5, cpe:/o:vmware:esx:3.5, cpe:/o:vmware:esxi:4.1
Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 10/12/2011
Vulnerability Publication Date: 4/6/2010
CISA Known Exploited Vulnerability Due Dates: 6/2/2023
Exploitable With
CANVAS (CANVAS)
Core Impact
Metasploit (Reliable Datagram Sockets (RDS) rds_page_copy_user Privilege Escalation)
Reference Information
CVE: CVE-2010-0296, CVE-2010-1083, CVE-2010-1323, CVE-2010-2492, CVE-2010-2798, CVE-2010-2938, CVE-2010-2942, CVE-2010-2943, CVE-2010-3015, CVE-2010-3066, CVE-2010-3067, CVE-2010-3078, CVE-2010-3086, CVE-2010-3296, CVE-2010-3432, CVE-2010-3442, CVE-2010-3477, CVE-2010-3699, CVE-2010-3858, CVE-2010-3859, CVE-2010-3865, CVE-2010-3876, CVE-2010-3877, CVE-2010-3880, CVE-2010-3904, CVE-2010-4072, CVE-2010-4073, CVE-2010-4075, CVE-2010-4080, CVE-2010-4081, CVE-2010-4083, CVE-2010-4157, CVE-2010-4158, CVE-2010-4161, CVE-2010-4238, CVE-2010-4242, CVE-2010-4243, CVE-2010-4247, CVE-2010-4248, CVE-2010-4249, CVE-2010-4251, CVE-2010-4255, CVE-2010-4263, CVE-2010-4343, CVE-2010-4346, CVE-2010-4526, CVE-2010-4655, CVE-2011-0281, CVE-2011-0282, CVE-2011-0521, CVE-2011-0536, CVE-2011-0710, CVE-2011-1010, CVE-2011-1071, CVE-2011-1090, CVE-2011-1095, CVE-2011-1478, CVE-2011-1494, CVE-2011-1495, CVE-2011-1658, CVE-2011-1659
BID: 39042, 42124, 42237, 42477, 42527, 42529, 43022, 43221, 43353, 43480, 43578, 43787, 43806, 43809, 44219, 44301, 44354, 44549, 44630, 44648, 44665, 44754, 44755, 44758, 45004, 45014, 45028, 45029, 45037, 45039, 45054, 45058, 45063, 45064, 45073, 45099, 45118, 45208, 45262, 45323, 45661, 45795, 45972, 45986, 46265, 46271, 46421, 46492, 46563, 46637, 46766, 47056, 47185, 47370
VMSA: 2011-0012