VMSA-2012-0012 : VMware ESXi update to third-party library

Critical Nessus Plugin ID 59966

Synopsis

The remote VMware ESXi host is missing a security-related patch.

Description

a. ESXi update to third-party component libxml2

The libxml2 third-party library has been updated which addresses multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2010-4008, CVE-2011-0216, CVE-2011-1944, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919 and CVE-2012-0841 to these issues.

Solution

Apply the missing patch.

See Also

http://lists.vmware.com/pipermail/security-announce/2012/000190.html

Plugin Details

Severity: Critical

ID: 59966

File Name: vmware_VMSA-2012-0012.nasl

Version: 1.37

Type: local

Published: 2012/07/13

Updated: 2019/09/24

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esxi:4.0, cpe:/o:vmware:esxi:4.1, cpe:/o:vmware:esxi:5.0

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2012/07/12

Reference Information

CVE: CVE-2010-4008, CVE-2010-4494, CVE-2011-0216, CVE-2011-1944, CVE-2011-2821, CVE-2011-2834, CVE-2011-3905, CVE-2011-3919, CVE-2012-0841, CVE-2012-1666

BID: 44779, 45617, 48056, 48832, 49279, 49658, 51084, 51300, 52107, 55421

VMSA: 2012-0012