VMSA-2010-0016 : VMware ESXi and ESX third-party updates for Service Console and Likewise components

This script is Copyright (C) 2010-2016 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi / ESX host is missing one or more
security-related patches.

Description :

a. Service Console OS update for COS kernel

This patch updates the service console kernel to fix multiple
security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0415, CVE-2010-0307,
CVE-2010-0291, CVE-2010-0622, CVE-2010-1087, CVE-2010-1437, and
CVE-2010-1088 to these issues.

b. Likewise package updates

Updates to the likewisekrb5, likewiseopenldap, likewiseopen,
and pamkrb5 packages address several security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-0844, CVE-2009-0845,
CVE-2009-0846, CVE-2009-4212, and CVE-2010-1321 to these issues.

See also :

http://lists.vmware.com/pipermail/security-announce/2011/000116.html

Solution :

Apply the missing patches.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.8
(CVSS2#E:POC/RL:OF/RC:C)
Public Exploit Available : true

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial