This script is Copyright (C) 2013 Tenable Network Security, Inc.
The remote VMware ESXi / ESX host is missing a security-related
The remote VMware ESXi / ESX host is potentially affected by the
following vulnerabilities :
- A buffer overflow flaw exists that allows remote,
authenticated attackers to execute arbitrary code.
- A directory traversal flaw exists that allows remote
attackers to delete arbitrary files. (CVE-2013-3658)
Note that the vendor has not publicly acknowledged these flaws.
See also :
The vendor reportedly has silently patched these issues in the
following releases :
- ESX/ESXi 4.0: Patch 201203401
- ESX/ESXi 4.1: Patch 201201401
- ESXi 5.0: Patch 201203101
Risk factor :
High / CVSS Base Score : 9.4
CVSS Temporal Score : 7.0
Public Exploit Available : false