Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.103452
Kategorie:VMware Local Security Checks
Titel:VMware ESXi/ESX patches and VI Client update resolve multiple security issues (VMSA-2011-0009.3)
Zusammenfassung:The remote ESXi is missing one or more security related Updates from VMSA-2011-0009.3.
Beschreibung:Summary:
The remote ESXi is missing one or more security related Updates from VMSA-2011-0009.3.

Vulnerability Insight:
VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues.

a. VMware vmkernel third party e1000(e) Driver Packet Filter Bypass

There is an issue in the e1000(e) Linux driver for Intel PRO/1000 adapters that allows a remote attacker to bypass packet filters.

b. ESX third party update for Service Console kernel

This update for the console OS kernel package resolves four security issues.

IPv4 Remote Denial of Service An remote attacker can achieve a denial of service via an issue in the kernel IPv4 code.

SCSI Driver Denial of Service / Possible Privilege Escalation A local attacker can achieve a denial of service
and possibly a privilege escalation via a vulnerability in the Linux SCSI drivers.

Kernel Memory Management Arbitrary Code Execution A context-dependent attacker can execute arbitrary code via a
vulnerability in a kernel memory handling function.

e1000 Driver Packet Filter Bypass There is an issue in the Service Console e1000 Linux driver for Intel PRO/1000
adapters that allows a remote attacker to bypass packet filters.

c. Multiple vulnerabilities in mount.vmhgfs

This patch provides a fix for the following three security issues in the VMware Host Guest File System (HGFS).
None of these issues affect Windows based Guest Operating Systems.

Mount.vmhgfs Information Disclosure Information disclosure via a vulnerability that allows an attacker with access
to the Guest to determine if a path exists in the Host filesystem and whether it is a file or directory regardless
of permissions.

Mount.vmhgfs Race Condition Privilege escalation via a race condition that allows an attacker with access to the guest
to mount on arbitrary directories in the Guest filesystem and achieve privilege escalation if they can control the
contents of the mounted directory.

Mount.vmhgfs Privilege Escalation Privilege escalation via a procedural error that allows an attacker with access to the
guest operating system to gain write access to an arbitrary file in the Guest filesystem. This issue only affects Solaris
and FreeBSD Guest Operating Systems.

d. VI Client ActiveX vulnerabilities

VI Client COM objects can be instantiated in Internet Explorer which may cause memory corruption. An attacker who succeeded
in making the VI Client user visit a malicious Web site could execute code on the user's system within the security context
of that user.

Affected Software/OS:
ESXi 5.0 without patch ESXi500-201112403-SG

ESXi 4.1 without patches ESXi410-201104402-BG and ESXi410-201110201-SG

ESXi 4.0 without patch ESXi400-201110401-SG

ESXi 3.5 without patches ESXe350-201105401-I-SG and ESXe350-201105402-T-SG

ESX 4.1 without patches ESX410-201104401-SG and ESX410-201110225-SG

ESX 4.0 without patch ESX400-201104401-SG and ESX400-201110410-SG

ESX 3.5 without patches ESX350-201105401-SG, ESX350-201105404-SG and ESX350-201105406-SG

Solution:
Apply the missing patch(es).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-4536
BugTraq ID: 37519
http://www.securityfocus.com/bid/37519
Debian Security Information: DSA-1996 (Google Search)
http://www.debian.org/security/2010/dsa-1996
Debian Security Information: DSA-2005 (Google Search)
http://www.debian.org/security/2010/dsa-2005
http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html
http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/
http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html
http://www.openwall.com/lists/oss-security/2009/12/28/1
http://www.openwall.com/lists/oss-security/2009/12/29/2
http://www.openwall.com/lists/oss-security/2009/12/31/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453
http://www.redhat.com/support/errata/RHSA-2010-0019.html
http://www.redhat.com/support/errata/RHSA-2010-0020.html
http://www.redhat.com/support/errata/RHSA-2010-0041.html
http://www.redhat.com/support/errata/RHSA-2010-0053.html
RedHat Security Advisories: RHSA-2010:0095
https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://www.redhat.com/support/errata/RHSA-2010-0111.html
http://www.redhat.com/support/errata/RHSA-2010-0882.html
http://securitytracker.com/id?1023420
http://secunia.com/advisories/35265
http://secunia.com/advisories/38031
http://secunia.com/advisories/38276
http://secunia.com/advisories/38296
http://secunia.com/advisories/38492
http://secunia.com/advisories/38610
http://secunia.com/advisories/38779
SuSE Security Announcement: SUSE-SA:2010:005 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html
SuSE Security Announcement: SUSE-SA:2010:007 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html
SuSE Security Announcement: SUSE-SA:2010:010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html
SuSE Security Announcement: SUSE-SA:2010:012 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html
SuSE Security Announcement: SUSE-SA:2010:013 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html
SuSE Security Announcement: SUSE-SA:2010:014 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html
XForce ISS Database: kernel-e1000main-security-bypass(55648)
https://exchange.xforce.ibmcloud.com/vulnerabilities/55648
Common Vulnerability Exposure (CVE) ID: CVE-2010-1188
BugTraq ID: 39016
http://www.securityfocus.com/bid/39016
http://www.openwall.com/lists/oss-security/2010/03/29/1
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9878
http://www.redhat.com/support/errata/RHSA-2010-0380.html
http://www.redhat.com/support/errata/RHSA-2010-0394.html
http://www.redhat.com/support/errata/RHSA-2010-0424.html
http://www.redhat.com/support/errata/RHSA-2010-0439.html
http://www.securitytracker.com/id?1023992
http://secunia.com/advisories/39652
Common Vulnerability Exposure (CVE) ID: CVE-2009-3080
BugTraq ID: 37068
http://www.securityfocus.com/bid/37068
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html
http://www.mandriva.com/security/advisories?name=MDVSA-2010:030
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10989
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12862
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7101
RedHat Security Advisories: RHSA-2010:0046
https://rhn.redhat.com/errata/RHSA-2010-0046.html
http://secunia.com/advisories/37435
http://secunia.com/advisories/37720
http://secunia.com/advisories/37909
http://secunia.com/advisories/38017
SuSE Security Announcement: SUSE-SA:2009:061 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html
SuSE Security Announcement: SUSE-SA:2009:064 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html
SuSE Security Announcement: SUSE-SA:2010:001 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html
http://www.ubuntu.com/usn/usn-864-1
Common Vulnerability Exposure (CVE) ID: CVE-2010-2240
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/517739/100/0/threaded
Debian Security Information: DSA-2094 (Google Search)
http://www.debian.org/security/2010/dsa-2094
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
http://www.redhat.com/support/errata/RHSA-2010-0660.html
RedHat Security Advisories: RHSA-2010:0661
https://rhn.redhat.com/errata/RHSA-2010-0661.html
http://www.redhat.com/support/errata/RHSA-2010-0670.html
http://securitytracker.com/id?1024344
Common Vulnerability Exposure (CVE) ID: CVE-2011-2146
BugTraq ID: 48098
http://www.securityfocus.com/bid/48098
http://www.securitytracker.com/id?1025601
http://secunia.com/advisories/44840
http://secunia.com/advisories/44904
SuSE Security Announcement: openSUSE-SU-2011:0617 (Google Search)
https://hermes.opensuse.org/messages/8711677
XForce ISS Database: vmware-mountvmhgfs-info-disc(67813)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67813
Common Vulnerability Exposure (CVE) ID: CVE-2011-1787
Common Vulnerability Exposure (CVE) ID: CVE-2011-2145
XForce ISS Database: vmware-mountvmhgfs-privilege-esc(67815)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67815
Common Vulnerability Exposure (CVE) ID: CVE-2011-2217
BugTraq ID: 48099
http://www.securityfocus.com/bid/48099
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911
http://securitytracker.com/id?1025602
http://secunia.com/advisories/44826
http://secunia.com/advisories/44844
XForce ISS Database: vmware-viclient-code-exec(67816)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67816
CopyrightCopyright (C) 2012 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.