VMSA-2014-0003 : VMware vSphere Client updates address security vulnerabilities

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi / ESX host is missing a security-related patch.

Description :

a. vSphere Client Insecure Client Download

vSphere Client contains a vulnerability in accepting an updated
vSphere Client file from an untrusted source. The vulnerability may
allow a host to direct vSphere Client to download and execute an
arbitrary file from any URI. This issue can be exploited if
the host has been compromised or if a user has been tricked
into clicking a malicious link.

VMware would like to thank Recurity Labs GmbH and the Bundesamt
Sicherheit
in der Informationstechnik (BSI) for reporting this issue to us

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CVE-2014-1209 to this issue.

See also :

http://lists.vmware.com/pipermail/security-announce/2014/000236.html

Solution :

Apply the missing patch.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: VMware ESX Local Security Checks

Nessus Plugin ID: 73469 ()

Bugtraq ID: 66772
66773

CVE ID: CVE-2014-1209
CVE-2014-1210