VMSA-2011-0010 : VMware ESX third-party updates for Service Console packages glibc and dhcp

High Nessus Plugin ID 55747

New! Vulnerability Priority Rating (VPR)

Tenable calculates a dynamic VPR for every vulnerability. VPR combines vulnerability information with threat intelligence and machine learning algorithms to predict which vulnerabilities are most likely to be exploited in attacks. Read more about what VPR is and how it's different from CVSS.

VPR Score: 6.8


The remote VMware ESX host is missing one or more security-related patches.


a. Service Console update for DHCP

The DHCP client daemon, dhclient, does not properly sanatize certain options in DHCP server replies. An attacker could send a specially crafted DHCP server reply, that is saved on the client system and evaluated by a process that assumes the option is trusted. This could lead to arbitrary code execution with the privileges of the evaluating process.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-0997 to this issue.

b. Service Console update for glibc

This patch updates the glibc package for ESX service console to glibc-2.5-58.7602.vmw. This fixes multiple security issues in glibc, glibc-common and nscd including possible local privilege escalation.
The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifiers CVE-2010-0296, CVE-2011-0536, CVE-2011-1095, CVE-2011-1071, CVE-2011-1658 and CVE-2011-1659 to these issues.


Apply the missing patches.

See Also


Plugin Details

Severity: High

ID: 55747

File Name: vmware_VMSA-2011-0010.nasl

Version: 1.39

Type: local

Published: 2011/08/01

Updated: 2019/09/24

Dependencies: 12634

Risk Information

Risk Factor: High

VPR Score: 6.8

CVSS v2.0

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:3.5, cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esx:4.1

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2011/07/28

Exploitable With


Metasploit (glibc "$ORIGIN" Expansion Privilege Escalation)

Reference Information

CVE: CVE-2010-0296, CVE-2011-0536, CVE-2011-0997, CVE-2011-1071, CVE-2011-1095, CVE-2011-1658, CVE-2011-1659

BID: 44154, 46563, 47176, 47370

VMSA: 2011-0010