This script is (C) 2014-2016 Tenable Network Security, Inc.
The remote VMware ESXi 5.1 host is affected by multiple
The remote VMware ESXi 5.1 host is affected by the following
- A denial of service vulnerability exists in the bundled
OpenSSL library that is triggered when handling OCSP
response verification. A remote attacker can exploit
this to crash the program. (CVE-2013-0166)
- An error exists related to the SSL/TLS/DTLS protocols,
CBC mode encryption and response time. An attacker
can obtain plaintext contents of encrypted traffic via
timing attacks. (CVE-2013-0169)
- An error exists in the libxml2 library related to the
expansion of XML internal entities that could allow
denial of service attacks. (CVE-2013-0338)
- A NULL pointer dereference flaw exists in the handling
of Network File Copy (NFC) traffic. An attacker can
exploit this by intercepting and modifying NFC traffic,
to cause a denial of service condition. (CVE-2014-1207)
- A denial of service vulnerability exists in the handling
of invalid ports that could allow a guest user to crash
the VMX process. (CVE-2014-1208)
See also :
Apply patch ESXi510-201401101-SG.
Risk factor :
High / CVSS Base Score : 7.1
CVSS Temporal Score : 5.3
Public Exploit Available : false
Nessus Plugin ID: 72037 ()
Bugtraq ID: 5777858180602686499464995
CVE ID: CVE-2013-0166CVE-2013-0169CVE-2013-0338CVE-2014-1207CVE-2014-1208
Upgrade to Nessus Professional today!
Start your free Nessus Cloud trial now!
Begin Free Trial
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.