ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote VMware ESXi 6.0 host is affected by multiple
vulnerabilities.

Description :

The version of the remote VMware ESXi 6.0 host is prior to build
5224529. It is, therefore, affected by multiple vulnerabilities in
VMWare Tools and the bundled OpenSSL and Python packages, as well
as a NULL pointer dereference vulnerability related to handling RPC
requests that could allow an attacker to crash a virtual machine.

See also :

http://www.vmware.com/security/advisories/VMSA-2017-0015.html
http://www.nessus.org/u?e03fa029

Solution :

Apply patch ESXi600-201706101-SG according to the vendor advisory.

Risk factor :

Medium / CVSS Base Score : 5.5
(CVSS2#AV:A/AC:L/Au:S/C:N/I:N/A:C)
CVSS Temporal Score : 4.5
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now