VMSA-2012-0011 : VMware hosted products and ESXi and ESX patches address security issues

This script is Copyright (C) 2012-2014 Tenable Network Security, Inc.

Synopsis :

The remote VMware ESXi / ESX host is missing a security-related patch.

Description :

a. VMware Host Checkpoint file memory corruption

Input data is not properly validated when loading Checkpoint files.
This may allow an attacker with the ability to load a specially
crafted Checkpoint file to execute arbitrary code on the host.

- None identified

- Do not import virtual machines from untrusted sources.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2012-3288 to this issue.

b. VMware Virtual Machine Remote Device Denial of Service

A device (e.g. CD-ROM, keyboard) that is available to a virtual
machine while physically connected to a system that does not run the
virtual machine is referred to as a remote device.

Traffic coming from remote virtual devices is incorrectly handled.
This may allow an attacker who is capable of manipulating the
traffic from a remote virtual device to crash the virtual machine.

- None identified

- Users need administrative privileges on the virtual machine
in order to attach remote devices.
- Do not attach untrusted remote devices to a virtual machine.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2012-3289 to this issue.

See also :


Solution :

Apply the missing patch.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: VMware ESX Local Security Checks

Nessus Plugin ID: 59506 ()

Bugtraq ID: 53996

CVE ID: CVE-2012-3288