VMSA-2008-0004 : Low: Updated e2fsprogs service console package

Medium Nessus Plugin ID 40375


The remote VMware ESX host is missing a security-related patch.


Updated e2fsprogs package address multiple integer overflow flaws

Thanks to Rafal Wojtczuk of McAfee Avert Research for identifying and reporting this issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5497 to this issue.


Apply the missing patch.

See Also


Plugin Details

Severity: Medium

ID: 40375

File Name: vmware_VMSA-2008-0004.nasl

Version: $Revision: 1.15 $

Type: local

Published: 2009/07/27

Modified: 2016/05/06

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:2.5.4, cpe:/o:vmware:esx:2.5.5, cpe:/o:vmware:esx:3.0.1, cpe:/o:vmware:esx:3.0.2, cpe:/o:vmware:esx:3.5

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2008/03/03

Reference Information

CVE: CVE-2007-5497

BID: 26772

OSVDB: 40161

VMSA: 2008-0004

CWE: 189