VMware vCenter Server Appliance Bash Remote Code Execution (VMSA-2014-0010) (Shellshock)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote host has a virtualization appliance installed that is
affected by a command injection vulnerability.

Description :

The version of VMware vCenter Server Appliance installed on the remote
host is 5.0 prior to Update 3b, 5.1 prior to Update 2b, or 5.5 prior
to Update 2a. It therefore contains a version of bash that is affected
by a command injection vulnerability via environment variable
manipulation. Depending on the configuration of the system, an
attacker could remotely execute arbitrary code.

See also :

http://www.vmware.com/security/advisories/VMSA-2014-0010.html
http://seclists.org/oss-sec/2014/q3/650
https://www.invisiblethreat.ca/post/shellshock/

Solution :

Upgrade to VMware vCenter Server Appliance 5.0 Update 3b / 5.1 Update
2b / 5.5 Update 2a or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.0
(CVSS2#E:POC/RL:ND/RC:ND)
Public Exploit Available : true
