VMSA-2013-0007 : VMware ESX third-party update for Service Console package sudo

High Nessus Plugin ID 66723


The remote VMware ESX host is missing a security-related patch.


a. Service Console update for sudo The service console package sudo is updated to version 1.7.2p1-14.el5_8.3

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-2337 and CVE-2012-3440 to the issues addressed in this update.


Apply the missing patch.

See Also


Plugin Details

Severity: High

ID: 66723

File Name: vmware_VMSA-2013-0007.nasl

Version: $Revision: 1.16 $

Type: local

Published: 2013/05/31

Modified: 2016/08/24

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx:4.0, cpe:/o:vmware:esx:4.1

Required KB Items: Host/local_checks_enabled, Host/VMware/release, Host/VMware/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/05/30

Reference Information

CVE: CVE-2012-2337, CVE-2012-3440

BID: 53569, 54868

OSVDB: 84492

VMSA: 2013-0007

IAVB: 2013-B-0064