VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2009-0016) (remote check)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a security-related patch.

Description :

The remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by multiple vulnerabilities, including
remote code execution vulnerabilities, in the following components :

- Apache Geronimo
- Apache Tomcat
- Apache Xerces2
- cURL/libcURL
- ISC BIND
- Libxml2
- Linux kernel
- Linux kernel 64-bit
- Linux kernel Common Internet File System
- Linux kernel eCryptfs
- NTP
- Python
- Java Runtime Environment (JRE)
- Java SE Development Kit (JDK)
- Java SE Abstract Window Toolkit (AWT)
- Java SE Plugin
- Java SE Provider
- Java SE Swing
- Java SE Web Start

See also :

https://www.vmware.com/security/advisories/VMSA-2009-0016

Solution :

Apply the appropriate patch according to the vendor advisory that
pertains to ESX / ESXi version 3.5 / 4.0.

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 9.0
(CVSS2#E:POC/RL:ND/RC:C)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 89117 ()

Bugtraq ID: 23887
25696
26070
26880
27006
27703
27706
28715
28749
29502
30491
30494
30496
31932
33187
33237
33412
33428
33618
33846
33906
33951
34084
34205
34216
34240
34390
34405
34453
34481
34612
34673
34934
35017
35185
35193
35196
35263
35281
35416
35559
35647
35848
35850
35851
35922
35929
35930
35939
35943
35944
35946
35958
36010
36032
36038
36108
49470

CVE ID: CVE-2007-2052
CVE-2007-4965
CVE-2007-5333
CVE-2007-5342
CVE-2007-5461
CVE-2007-5966
CVE-2007-6286
CVE-2008-0002
CVE-2008-1232
CVE-2008-1721
CVE-2008-1887
CVE-2008-1947
CVE-2008-2315
CVE-2008-2370
CVE-2008-3142
CVE-2008-3143
CVE-2008-3144
CVE-2008-3528
CVE-2008-4307
CVE-2008-4864
CVE-2008-5031
CVE-2008-5515
CVE-2008-5700
CVE-2009-0028
CVE-2009-0033
CVE-2009-0159
CVE-2009-0269
CVE-2009-0322
CVE-2009-0580
CVE-2009-0675
CVE-2009-0676
CVE-2009-0696
CVE-2009-0745
CVE-2009-0746
CVE-2009-0747
CVE-2009-0748
CVE-2009-0778
CVE-2009-0781
CVE-2009-0783
CVE-2009-0787
CVE-2009-0834
CVE-2009-1072
CVE-2009-1093
CVE-2009-1094
CVE-2009-1095
CVE-2009-1096
CVE-2009-1097
CVE-2009-1098
CVE-2009-1099
CVE-2009-1100
CVE-2009-1101
CVE-2009-1102
CVE-2009-1103
CVE-2009-1104
CVE-2009-1105
CVE-2009-1106
CVE-2009-1107
CVE-2009-1192
CVE-2009-1252
CVE-2009-1336
CVE-2009-1337
CVE-2009-1385
CVE-2009-1388
CVE-2009-1389
CVE-2009-1439
CVE-2009-1630
CVE-2009-1633
CVE-2009-1895
CVE-2009-2406
CVE-2009-2407
CVE-2009-2414
CVE-2009-2416
CVE-2009-2417
CVE-2009-2625
CVE-2009-2670
CVE-2009-2671
CVE-2009-2672
CVE-2009-2673
CVE-2009-2675
CVE-2009-2676
CVE-2009-2692
CVE-2009-2698
CVE-2009-2716
CVE-2009-2718
CVE-2009-2719
CVE-2009-2720
CVE-2009-2721
CVE-2009-2722
CVE-2009-2723
CVE-2009-2724
CVE-2009-2847
CVE-2009-2848

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now