Anfälligkeitssuche        Suche in 172616 CVE Beschreibungen
und 81291 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.103749
Kategorie:VMware Local Security Checks
Titel:VMware ESXi/ESX updates to third party libraries (VMSA-2013-0009)
Zusammenfassung:VMware has updated several third party libraries in ESX and ESXi to address multiple security vulnerabilities.
Beschreibung:Summary:
VMware has updated several third party libraries in ESX and ESXi to address multiple security vulnerabilities.

Vulnerability Insight:
a. ESX userworld update for OpenSSL library

The userworld OpenSSL library is updated to version openssl-0.9.8y to resolve
multiple security issues.

b. Service Console (COS) update for OpenSSL library

The Service Console updates for OpenSSL library is updated to version
openssl-0.9.8e-26.el5_9.1 to resolve multiple security issues.

c. ESX Userworld and Service Console (COS) update for libxml2 library

The ESX Userworld and Service Console libxml2 library is updated to version
libxml2-2.6.26-2.1.21.el5_9.1 and libxml2-python-2.6.26-2.1.21.el5_9.1. to
resolve a security issue.

d. Service Console (COS) update for GnuTLS library

The ESX service console GnuTLS RPM is updated to version
gnutls-1.4.1-10.el5_9.1 to resolve a security issue.

e. ESX third party update for Service Console kernel

The ESX Service Console Operating System (COS) kernel is updated to
kernel-2.6.18-348.3.1.el5 which addresses several security issues in the COS kernel.

Affected Software/OS:
VMware ESXi 4.1 without patch ESXi410-201307001

VMware ESX 4.1 without patch ESX410-201307001

VMware ESXi 5.0 without Update 3

VMware ESXi 4.0 without patch ESXi400-201310001

VMware ESX 4.0 without patch ESX400-201310001

Solution:
Apply the missing patch(es).

CVSS Score:
6.9

CVSS Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-0169
http://lists.apple.com/archives/security-announce/2013/Sep/msg00002.html
BugTraq ID: 57778
http://www.securityfocus.com/bid/57778
Cert/CC Advisory: TA13-051A
http://www.us-cert.gov/cas/techalerts/TA13-051A.html
CERT/CC vulnerability note: VU#737740
http://www.kb.cert.org/vuls/id/737740
Debian Security Information: DSA-2621 (Google Search)
http://www.debian.org/security/2013/dsa-2621
Debian Security Information: DSA-2622 (Google Search)
http://www.debian.org/security/2013/dsa-2622
http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101366.html
http://security.gentoo.org/glsa/glsa-201406-32.xml
HPdes Security Advisory: HPSBMU02874
http://marc.info/?l=bugtraq&m=136733161405818&w=2
HPdes Security Advisory: HPSBOV02852
http://marc.info/?l=bugtraq&m=136432043316835&w=2
HPdes Security Advisory: HPSBUX02856
http://marc.info/?l=bugtraq&m=136396549913849&w=2
HPdes Security Advisory: HPSBUX02857
http://marc.info/?l=bugtraq&m=136439120408139&w=2
HPdes Security Advisory: HPSBUX02909
http://marc.info/?l=bugtraq&m=137545771702053&w=2
HPdes Security Advisory: SSRT101103
HPdes Security Advisory: SSRT101104
HPdes Security Advisory: SSRT101108
HPdes Security Advisory: SSRT101184
HPdes Security Advisory: SSRT101289
http://www.mandriva.com/security/advisories?name=MDVSA-2013:095
http://blog.fuseyism.com/index.php/2013/02/20/security-icedtea-2-1-6-2-2-6-2-3-7-for-openjdk-7-released/
http://www.isg.rhul.ac.uk/tls/TLStiming.pdf
https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html
http://openwall.com/lists/oss-security/2013/02/05/24
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18841
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19424
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19540
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19608
RedHat Security Advisories: RHSA-2013:0587
http://rhn.redhat.com/errata/RHSA-2013-0587.html
RedHat Security Advisories: RHSA-2013:0782
http://rhn.redhat.com/errata/RHSA-2013-0782.html
RedHat Security Advisories: RHSA-2013:0783
http://rhn.redhat.com/errata/RHSA-2013-0783.html
RedHat Security Advisories: RHSA-2013:0833
http://rhn.redhat.com/errata/RHSA-2013-0833.html
RedHat Security Advisories: RHSA-2013:1455
http://rhn.redhat.com/errata/RHSA-2013-1455.html
RedHat Security Advisories: RHSA-2013:1456
http://rhn.redhat.com/errata/RHSA-2013-1456.html
http://www.securitytracker.com/id/1029190
http://secunia.com/advisories/53623
http://secunia.com/advisories/55108
http://secunia.com/advisories/55139
http://secunia.com/advisories/55322
http://secunia.com/advisories/55350
http://secunia.com/advisories/55351
SuSE Security Announcement: SUSE-SU-2013:0328 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00020.html
SuSE Security Announcement: SUSE-SU-2013:0701 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00020.html
SuSE Security Announcement: SUSE-SU-2014:0320 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00001.html
SuSE Security Announcement: SUSE-SU-2015:0578 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2015-03/msg00027.html
SuSE Security Announcement: openSUSE-SU-2013:0375 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00000.html
SuSE Security Announcement: openSUSE-SU-2013:0378 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00002.html
SuSE Security Announcement: openSUSE-SU-2016:0640 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
http://www.ubuntu.com/usn/USN-1735-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0166
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18754
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19081
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19360
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19487
Common Vulnerability Exposure (CVE) ID: CVE-2013-0338
Debian Security Information: DSA-2652 (Google Search)
http://www.debian.org/security/2013/dsa-2652
HPdes Security Advisory: HPSBGN03302
http://marc.info/?l=bugtraq&m=142798889927587&w=2
HPdes Security Advisory: SSRT101996
http://www.mandriva.com/security/advisories?name=MDVSA-2013:056
http://secunia.com/advisories/52662
http://secunia.com/advisories/55568
SuSE Security Announcement: SUSE-SU-2013:1627 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00002.html
SuSE Security Announcement: openSUSE-SU-2013:0552 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00112.html
SuSE Security Announcement: openSUSE-SU-2013:0555 (Google Search)
http://lists.opensuse.org/opensuse-updates/2013-03/msg00114.html
http://www.ubuntu.com/usn/USN-1782-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-2116
Debian Security Information: DSA-2697 (Google Search)
http://www.debian.org/security/2013/dsa-2697
http://www.mandriva.com/security/advisories?name=MDVSA-2013:171
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/6753
RedHat Security Advisories: RHSA-2013:0883
http://rhn.redhat.com/errata/RHSA-2013-0883.html
http://www.securitytracker.com/id/1028603
http://secunia.com/advisories/53911
http://secunia.com/advisories/57260
http://secunia.com/advisories/57274
SuSE Security Announcement: SUSE-SU-2013:1060 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00019.html
SuSE Security Announcement: SUSE-SU-2014:0322 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00003.html
http://www.ubuntu.com/usn/USN-1843-1
Common Vulnerability Exposure (CVE) ID: CVE-2013-0268
http://www.openwall.com/lists/oss-security/2013/02/07/12
SuSE Security Announcement: SUSE-SU-2013:0674 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00018.html
SuSE Security Announcement: openSUSE-SU-2013:1187 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html
Common Vulnerability Exposure (CVE) ID: CVE-2013-0871
Debian Security Information: DSA-2632 (Google Search)
http://www.debian.org/security/2013/dsa-2632
http://www.openwall.com/lists/oss-security/2013/02/15/16
RedHat Security Advisories: RHSA-2013:0567
http://rhn.redhat.com/errata/RHSA-2013-0567.html
RedHat Security Advisories: RHSA-2013:0661
http://rhn.redhat.com/errata/RHSA-2013-0661.html
RedHat Security Advisories: RHSA-2013:0662
http://rhn.redhat.com/errata/RHSA-2013-0662.html
RedHat Security Advisories: RHSA-2013:0695
http://rhn.redhat.com/errata/RHSA-2013-0695.html
SuSE Security Announcement: SUSE-SU-2013:0341 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00022.html
SuSE Security Announcement: openSUSE-SU-2013:0925 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html
http://www.ubuntu.com/usn/USN-1736-1
http://www.ubuntu.com/usn/USN-1737-1
http://www.ubuntu.com/usn/USN-1738-1
http://www.ubuntu.com/usn/USN-1739-1
http://www.ubuntu.com/usn/USN-1740-1
http://www.ubuntu.com/usn/USN-1741-1
http://www.ubuntu.com/usn/USN-1742-1
http://www.ubuntu.com/usn/USN-1743-1
http://www.ubuntu.com/usn/USN-1744-1
http://www.ubuntu.com/usn/USN-1745-1
CopyrightCopyright (C) 2013 Greenbone Networks GmbH

Dies ist nur einer von 81291 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.