VMSA-2008-0007 : Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
Critical Nessus Plugin ID 40377
Synopsis
The remote VMware ESX host is missing one or more security-related patches.
Description
a. Updated pcre Service Console package addresses several security issues
The pcre package contains the Perl-Compatible Regular Expression library.
pcre is used by various Service Console utilities.
Several security issues were discovered in the way PCRE handles regular expressions. If an application linked against PCRE parsed a malicious regular expression, it may have been possible to run arbitrary code as the user running the application.
VMware would like to thank Ludwig Nussel for reporting these issues.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2006-7228 and CVE-2007-1660 to these issues.
b. Updated net-snmp Service Console package addresses denial of service
net-snmp is an implementation of the Simple Network Management Protocol (SNMP). SNMP is used by network management systems to monitor hosts. By default ESX has this service enabled and its ports open on the ESX firewall.
A flaw was discovered in the way net-snmp handled certain requests. A remote attacker who can connect to the snmpd UDP port could send a malicious packet causing snmpd to crash, resulting in a denial of service.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2007-5846 to this issue.
c. Updated OpenPegasus Service Console package fixes overflow condition
OpenPegasus is a CIM (Common Information Model) and Web-Based Enterprise Management (WBEM) broker. These protocols are used by network management systems to monitor and control hosts. By default ESX has this service enabled and its ports open on the ESX firewall.
A flaw was discovered in the OpenPegasus CIM management server that might allow remote attackers to execute arbitrary code. OpenPegasus, when compiled to use PAM and without PEGASUS_USE_PAM_STANDALONE_PROC defined, has a stack-based buffer overflow condition.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2008-0003 to this issue.
Solution
Apply the missing patches.