VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0014) (remote check)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a security-related patch.

Description :

The remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by multiple vulnerabilities, including
remote code execution vulnerabilities, in the following components :

- ISC DHCP dhclient
- Integrated Services Digital Network (ISDN) subsystem
- Java Runtime Environment (JRE)
- Java SE Development Kit (JDK)
- Java SE Web Start
- Linux kernel
- Linux kernel 32-bit and 64-bit emulation
- Linux kernel Simple Internet Transition INET6
- Linux kernel tty
- Linux kernel virtual file system (VFS)
- Red Hat dhcpd init script for DHCP
- SBNI WAN driver

See also :

https://www.vmware.com/security/advisories/VMSA-2009-0014

Solution :

Apply the appropriate patch according to the vendor advisory that
pertains to ESX / ESXi version 3.5 / 4.0.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true