VMSA-2008-0011 : Updated ESX service console packages for Samba and vmnix

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESX host is missing one or more security-related
patches.

Description :

I Service Console rpm updates

a. Security Update to Service Console Kernel

This fix upgrades service console kernel version to 2.4.21-57.EL.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2007-5001, CVE-2007-6151, CVE-2007-6206,
CVE-2008-0007, CVE-2008-1367, CVE-2008-1375, CVE-2006-4814, and
CVE-2008-1669 to the security issues fixed in kernel-2.4.21-57.EL.

b. Samba Security Update

This fix upgrades the service console rpm samba to version
3.0.9-1.3E.15vmw

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2008-1105 to this issue.

See also :

http://lists.vmware.com/pipermail/security-announce/2008/000041.html

Solution :

Apply the missing patches.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 5.9
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true