VMSA-2012-0011 : VMware hosted products and ESXi and ESX patches address security issues

High Nessus Plugin ID 59506


The remote VMware ESXi / ESX host is missing a security-related patch.


a. VMware Host Checkpoint file memory corruption

Input data is not properly validated when loading Checkpoint files.
This may allow an attacker with the ability to load a specially crafted Checkpoint file to execute arbitrary code on the host.

- None identified

- Do not import virtual machines from untrusted sources.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-3288 to this issue.

b. VMware Virtual Machine Remote Device Denial of Service

A device (e.g. CD-ROM, keyboard) that is available to a virtual machine while physically connected to a system that does not run the virtual machine is referred to as a remote device.

Traffic coming from remote virtual devices is incorrectly handled.
This may allow an attacker who is capable of manipulating the traffic from a remote virtual device to crash the virtual machine.

- None identified

- Users need administrative privileges on the virtual machine in order to attach remote devices.
- Do not attach untrusted remote devices to a virtual machine.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-3289 to this issue.


Apply the missing patch.

See Also


Plugin Details

Severity: High

ID: 59506

File Name: vmware_VMSA-2012-0011.nasl

Version: $Revision: 1.17 $

Type: local

Published: 2012/06/15

Modified: 2016/08/16

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:3.5, cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esx:4.1, cpe:/o:vmware:esxi:3.5, cpe:/o:vmware:esxi:4.0, cpe:/o:vmware:esxi:4.1, cpe:/o:vmware:esxi:5.0

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2012/06/14

Reference Information

CVE: CVE-2012-3288, CVE-2012-3289

BID: 53996

OSVDB: 82979, 82980

VMSA: 2012-0011

IAVA: 2012-A-0099, 2012-A-0100