VMSA-2010-0013 : VMware ESX third-party updates for Service Console

high Nessus Plugin ID 49085

Language:

Synopsis

The remote VMware ESX host is missing one or more security-related patches.

Description

a. Service Console update for cpio

The service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el5_4.1 for ESX 4.x versions.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2005-4268 and CVE-2010-0624 to the issues addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x.

b. Service Console update for tar

The service console package tar is updated to version 1.13.25-16.RHEL3 for ESX 3.x versions and updated to version 1.15.1-23.0.1.el5_4.2 for ESX 4.x versions.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-0624 to the issue addressed in the update for ESX 3.x and the names CVE-2007-4476 and CVE-2010-0624 to the issues addressed in the update for ESX 4.x.

c. Service Console update for samba

The service console packages for samba are updated to version samba-3.0.9-1.3E.17vmw, samba-client-3.0.9-1.3E.17vmw and samba-common-3.0.9-1.3E.17vmw.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-2063 to the issue addressed in this update.

Note :
The issue mentioned above is present in the Samba server (smbd) and is not present in the Samba client or Samba common packages.

To determine if your system has Samba server installed do a 'rpm -q samba`.

The following lists when the Samba server is installed on the ESX service console :

- ESX 4.0, ESX 4.1 The Samba server is not present on ESX 4.0 and ESX 4.1.

- ESX 3.5 The Samba server is present if an earlier patch for Samba has been installed.

- ESX 3.0.3 The Samba server is present if ESX 3.0.3 was upgraded from an earlier version of ESX 3 and a Samba patch was installed on that version.

The Samba server is not needed to operate the service console and can be be disabled without loss of functionality to the service console.

d. Service Console update for krb5

The service console package krb5 is updated to version 1.2.7-72 for ESX 3.x versions and to version 1.6.1-36.el5_5.4 for ESX 4.x versions.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2010-1321 to the issue addressed in these updates.

e. Service Console update for perl

The service console package perl is updated to version 5.8.0-101.EL3 for ESX 3.x versions and version 5.8.8-32.el5_5.1 for ESX 4.x versions.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-1168 and CVE-2010-1447 to the issues addressed in the update for ESX 3.x and the names CVE-2008-5302, CVE-2008-5303, CVE-2010-1168, and CVE-2010-1447 to the issues addressed in the update for ESX 4.x.

Solution

Apply the missing patches.

See Also

http://lists.vmware.com/pipermail/security-announce/2011/000125.html

Plugin Details

Severity: High

ID: 49085

File Name: vmware_VMSA-2010-0013.nasl

Version: 1.24

Type: local

Published: 9/2/2010

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 8.5

Temporal Score: 7

Vector: CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:3.0.3, cpe:/o:vmware:esx:3.5, cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esx:4.1

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/31/2010

Vulnerability Publication Date: 11/7/2005

Exploitable With

Metasploit (Samba chain_reply Memory Corruption (Linux x86))

Reference Information

CVE: CVE-2005-4268, CVE-2007-4476, CVE-2008-5302, CVE-2008-5303, CVE-2010-0624, CVE-2010-1168, CVE-2010-1321, CVE-2010-1447, CVE-2010-2063

BID: 16057, 38628, 40235, 40302, 40305, 40884

CWE: 119, 362

VMSA: 2010-0013