This script is Copyright (C) 2010-2013 Tenable Network Security, Inc.
The remote VMware ESX host is missing a security-related patch.
a. Service Console package net-snmp updated
This patch updates the service console package for net-snmp,
net-snmp-utils, and net-snmp-libs to version
net-snmp-5.0.9-2.30E.28. This net-snmp update fixes a divide-by-
zero flaw in the snmpd daemon. A remote attacker could issue a
specially crafted GETBULK request that could cause the snmpd daemon
This vulnerability was introduced by an incorrect fix for
The Common Vulnerabilities and Exposures Project (cve.mitre.org) has
assigned the name CVE-2009-1887 to this issue.
Note: After installing the previous patch for net-snmp
(ESX350-200901409-SG), running the snmpbulkwalk command with the
parameter -CnX results in no output, and the snmpd daemon stops.
See also :
Apply the missing patch.
Risk factor :
Medium / CVSS Base Score : 5.0
Family: VMware ESX Local Security Checks
Nessus Plugin ID: 44642 ()
CVE ID: CVE-2009-1887
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.