VMware vCenter Multiple Vulnerabilities (VMSA-2015-0007)

This script is Copyright (C) 2015-2016 Tenable Network Security, Inc.


Synopsis :

The remote host has a virtualization management application installed
that is affected by multiple vulnerabilities.

Description :

The VMware vCenter Server installed on the remote host is affected by
the following vulnerabilities :

- A flaw exists in the vpxd service due to improper
sanitization of long heartbeat messages. An
unauthenticated, remote attacker can exploit this to
cause a denial of service. (CVE-2015-1047)

- A flaw exists due to an insecurely configured and
remotely accessible JMX RMI service. An unauthenticated,
remote attacker can exploit this, via an MLet file, to
execute arbitrary code on the vCenter server with the
same privileges as the web server. (CVE-2015-2342)

See also :

https://www.vmware.com/security/advisories/VMSA-2015-0007.html
http://www.zerodayinitiative.com/advisories/ZDI-15-455/

Solution :

Upgrade to VMware vCenter Server 6.0.0b (6.0.0 build-2776510), 5.5u3
(5.5.0 build-3000241), 5.1u3b (5.1.0 build-3070521), or 5.0u3e (5.0.0
build-3073234) or later.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 86255 ()

Bugtraq ID:

CVE ID: CVE-2015-1047
CVE-2015-2342

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now