VMSA-2008-0004 : Low: Updated e2fsprogs service console package

This script is Copyright (C) 2009-2013 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESX host is missing a security-related patch.

Description :

Updated e2fsprogs package address multiple integer overflow flaws

Thanks to Rafal Wojtczuk of McAfee Avert Research for identifying and
reporting this issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2007-5497 to this issue.

See also :

http://lists.vmware.com/pipermail/security-announce/2008/000010.html

Solution :

Apply the missing patch.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: VMware ESX Local Security Checks

Nessus Plugin ID: 40375 ()

Bugtraq ID: 26772

CVE ID: CVE-2007-5497