ESXi 5.0 / 5.1 / 5.5 / 6.0 Multiple Vulnerabilities (VMSA-2016-0010) (remote check)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.

Synopsis :

The remote VMware ESXi host is affected by multiple vulnerabilities.

Description :

The remote VMware ESXi host is version 5.0, 5.1, 5.5, or 6.0 and is
missing a security patch. It is, therefore, affected by multiple
vulnerabilities :

- An arbitrary code execution vulnerability exists in the
Shared Folders (HGFS) feature due to improper loading of
Dynamic-link library (DLL) files from insecure paths,
including the current working directory, which may not
be under user control. A remote attacker can exploit
this vulnerability, by placing a malicious DLL in the
path or by convincing a user into opening a file on a
network share, to inject and execute arbitrary code in
the context of the current user. (CVE-2016-5330)

- An HTTP header injection vulnerability exists due to
improper sanitization of user-supplied input. A remote
attacker can exploit this to inject arbitrary HTTP
headers and conduct HTTP response splitting attacks.

See also :

Solution :

Apply the appropriate patch as referenced in the vendor advisory.

Note that VMware Tools on Windows-based guests that use the Shared
Folders (HGFS) feature must also be updated to completely mitigate

Risk factor :

Medium / CVSS Base Score : 6.9
CVSS Temporal Score : 5.7
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 92949 ()

Bugtraq ID: 92323

CVE ID: CVE-2016-5330

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now