ESXi 5.0 < Build 912577 Multiple Vulnerabilities (remote check)

This script is (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi 5.0 host is affected by multiple security
vulnerabilities.

Description :

The remote VMware ESXi 5.0 host is affected by the following security
vulnerabilities :

- An integer overflow error exists in the '__tzfile_read'
function in the glibc library that could allow denial
of service attacks or arbitrary code execution.
(CVE-2009-5029)

- Reportedly, an error exists in glibc related to
modified loaders and 'LD_TRACE_LOADED_OBJECTS' checks
that could allow arbitrary code execution. This issue
is disputed by the creators of glibc. (CVE-2009-5064)

- An integer signedness error exists in the function
'elf_get_dynamic_info' in the file 'elf/dynamic-link.h'
that could allow arbitrary code execution.
(CVE-2010-0830)

- A weakness exists related to OpenSSL and the workaround
'SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG' that could
allow a downgrade to a weaker cached ciphersuite.
(CVE-2010-4180)

- An error exists related to OpenSSL and the 'J-PAKE'
protocol that could allow authentication bypass.
(CVE-2010-4252)

- An error exists related to OpenSSL and 'ClientHello'
handshake messages that could allow denial of service
attacks and possible information disclosure.
(CVE-2011-0014)

- An error exists in the function 'addmntent' in the
glibc library that could allow corruption of the file
'/etc/mtab'. (CVE-2011-1089)

- An error exists in the function 'png_set_text_2' in the
file 'pngset.c' in the libpng library that could allow
arbitrary code execution. (CVE-2011-3048)

- An error exists related to OpenSSL, the Datagram
Transport Layer Security implementation and MAC checks
that could allow information disclosure. (CVE-2011-4108)

- A double-free error exists related to OpenSSL and
policy checking that has an unspecified impact.
(CVE-2011-4109)

- An error exists related to OpenSSL, the SSL 3.0
implementation and data structure initialization that
could allow information disclosure. (CVE-2011-4576)

- An error exists related to OpenSSL, X.509 certificates
and 'Autonomous System' identifiers that could allow
denial of service attacks. (CVE-2011-4577)

- An error exists in the function 'svc_run' in the glibc
library related to RPC that could allow denial of
service attacks. (CVE-2011-4609)

- An error exists related to OpenSSL, the 'Server Gated
Cryptography' implementation and handshake restarts
that could allow denial of service attacks.
(CVE-2011-4619)

- An out-of-bounds read error exists related to OpenSSL
and Datagram Transport Layer Security applications that
could allow denial of service attacks. (CVE-2012-0050)

- An overflow error exists in the function 'printf' in
the glibc library related to 'nargs' parsing that could
allow arbitrary code execution. (CVE-2012-0864)

- An error exists related to Network File Copy (NFC)
handling that could allow denial of service attacks or
arbitrary code execution. (CVE-2013-1659)

See also :

http://kb.vmware.com/kb/2033767
http://www.vmware.com/security/advisories/VMSA-2013-0003.html

Solution :

Apply ESXi500-201212101-SG.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false