ESXi 5.1 < Build 1063671 Multiple Vulnerabilities (remote check)

This script is (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi 5.1 host is affected by multiple security
vulnerabilities.

Description :

The remote VMware ESXi 5.1 host is affected by the following security
vulnerabilities :

- An integer overflow error exists in the '__tzfile_read'
function in the glibc library that could allow denial of
service attacks or arbitrary code execution.
(CVE-2009-5029)

- Reportedly, an error exists in glibc related to
modified loaders and 'LD_TRACE_LOADED_OBJECTS' checks
that could allow arbitrary code execution. This issue
is disputed by the creators of glibc. (CVE-2009-5064)

- An integer signedness error exists in the function
'elf_get_dynamic_info' in the file 'elf/dynamic-link.h'
that could allow arbitrary code execution.
(CVE-2010-0830)

- An error exists in the function 'addmntent' in the
glibc library that could allow corruption of the file
'/etc/mtab'. (CVE-2011-1089)

- An error exists in the function
'xsltGenerateIdFunction' in the libxslt library that
could allow information disclosure. (CVE-2011-1202)

- An off-by-one error exists in the function
'xmlXPtrEvalXPtrPart' in the libxml2 library that could
allow denial of service attacks or arbitrary code
execution. (CVE-2011-3102)

- An out-of-bounds read error exists in the function
'xsltCompilePatternInternal' in the libxslt library
that could allow denial of service attacks.
(CVE-2011-3970)

- An error exists in the function 'svc_run' in the glibc
library related to RPC that could allow denial of
service attacks. (CVE-2011-4609)

- An overflow error exists in the function 'printf' in
the glibc library related to 'nargs' parsing that could
allow arbitrary code execution. (CVE-2012-0864)

- An integer overflow error exists in the function
'growBuffer' in the libxml2 library that could allow
denial of service attacks or arbitrary code execution.
(CVE-2012-2807)

- Type-confusion errors exist in the macro
'IS_XSLT_ELEM' and the function 'xsltApplyTemplates'
that could allow denial of service attacks or
information disclosure. (CVE-2012-2825, CVE-2012-2871)

- A use-after-free error exists in the function
'xsltGenerateIdFunction' in the libxslt library that
could allow denial of service attacks or arbitrary code
execution. (CVE-2012-2870)

- A format string error exists in glibc that could allow
arbitrary code execution. (CVE-2012-3404,
CVE-2012-3405, CVE-2012-3406)

- Overflow errors exist in the glibc functions 'strtod',
'strtof', 'strtold', and 'strtod_l' that could allow
arbitrary code execution. (CVE-2012-3480)

- An underflow error exists in the function
'xmlParseAttValueComplex' in the libxml2 library that
could allow denial of service attacks or arbitrary code
execution. (CVE-2012-5134)

See also :

http://kb.vmware.com/kb/2041637
http://www.vmware.com/security/advisories/VMSA-2012-0018.html
http://www.vmware.com/security/advisories/VMSA-2013-0004.html

Solution :

Apply ESXi510-201304101-SG.

Risk factor :

Medium / CVSS Base Score : 6.9
(CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.0
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false