VMSA-2013-0003 : VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third-party library security issues.

High Nessus Plugin ID 64812

Synopsis

The remote VMware ESXi / ESX host is missing one or more security-related patches.

Description

a. VMware vCenter, ESXi and ESX NFC protocol memory corruption vulnerability

VMware vCenter Server, ESXi and ESX contain a vulnerability in the handling of the Network File Copy (NFC) protocol. To exploit this vulnerability, an attacker must intercept and modify the NFC traffic between vCenter Server and the client or ESXi/ESX and the client. Exploitation of the issue may lead to code execution.

To reduce the likelihood of exploitation, vSphere components should be deployed on an isolated management network

VMware would like to thank Alex Chapman of Context Information Security for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-1659 to this issue.

b. VirtualCenter, ESX and ESXi Oracle (Sun) JRE update 1.5.0_38

Oracle (Sun) JRE is updated to version 1.5.0_38, which addresses multiple security issues that existed in earlier releases of Oracle (Sun) JRE.

Oracle has documented the CVE identifiers that are addressed in JRE 1.5.0_38 in the Oracle Java SE Critical Patch Update Advisory of October 2012.

c. Update to ESX service console OpenSSL RPM

The service console OpenSSL RPM is updated to version openssl-0.9.7a.33.28.i686 to resolve multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2110 to this issue.

Solution

Apply the missing patches.

See Also

http://lists.vmware.com/pipermail/security-announce/2013/000205.html

Plugin Details

Severity: High

ID: 64812

File Name: vmware_VMSA-2013-0003.nasl

Version: 1.35

Type: local

Published: 2013/02/22

Updated: 2019/09/24

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.6

Temporal Score: 6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:3.5, cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esx:4.1, cpe:/o:vmware:esxi:3.5, cpe:/o:vmware:esxi:4.0, cpe:/o:vmware:esxi:4.1, cpe:/o:vmware:esxi:5.0, cpe:/o:vmware:esxi:5.1

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2013/02/21

Exploitable With

Metasploit (Java Applet Method Handle Remote Code Execution)

Reference Information

CVE: CVE-2012-2110, CVE-2013-1659

BID: 53158, 55501, 56025, 56033, 56039, 56043, 56046, 56051, 56054, 56055, 56056, 56057, 56058, 56059, 56061, 56063, 56065, 56066, 56067, 56068, 56070, 56071, 56072, 56075, 56076, 56078, 56079, 56080, 56081, 56082, 56083, 58115

VMSA: 2013-0003