ESXi 5.1 < Build 911593 Multiple Vulnerabilities (remote check)

This script is (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi 5.1 host is affected by multiple security
vulnerabilities.

Description :

The remote VMware ESXi 5.1 host is affected by the following security
vulnerabilities :

- An input validation error exists in the function
'png_set_text_2' in the libpng library that could
allow memory corruption and arbitrary code execution.
(CVE-2011-3048)

- An error exists related to Network File Copy (NFC)
handling that could allow denial of service attacks or
arbitrary code execution. (CVE-2013-1659)

See also :

http://kb.vmware.com/kb/20357815
http://www.vmware.com/security/advisories/VMSA-2013-0003.html

Solution :

Apply ESXi510-201212101-SG.

Risk factor :

High / CVSS Base Score : 7.6
(CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 5.6
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Misc.

Nessus Plugin ID: 70888 ()

Bugtraq ID: 52830
58115

CVE ID: CVE-2011-3048
CVE-2013-1659