VMSA-2011-0001 : VMware ESX third-party updates for Service Console packages glibc, sudo, and openldap

This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESX host is missing one or more security-related
patches.

Description :

a. Service Console update for glibc

The service console packages glibc, glibc-common, and nscd are each
updated to version 2.5-34.4908.vmw.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-3847 and CVE-2010-3856 to the issues
addressed in this update.

b. Service Console update for sudo

The service console package sudo is updated to version
1.7.2p1-8.el5_5.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2010-2956 to the issue addressed in this
update.

c. Service Console update for openldap

The service console package openldap is updated to version
2.3.43-12.el5_5.1.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2010-0211 and CVE-2010-0212 to the issues
addressed in this update.

See also :

http://lists.vmware.com/pipermail/security-announce/2011/000150.html

Solution :

Apply the missing patches.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: VMware ESX Local Security Checks

Nessus Plugin ID: 51422

Bugtraq ID: 41770, 43019, 44154, 44347

CVE ID: CVE-2010-0211, CVE-2010-0212, CVE-2010-2956, CVE-2010-3847, CVE-2010-3856, CVE-2011-0536