ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check)

High Nessus Plugin ID 70877

Synopsis

The remote VMware ESXi 5.0 host is affected by multiple vulnerabilities.

Description

The remote VMware ESXi 5.0 host is affected by the following vulnerabilities :

- An off-by-one overflow condition exists in the xmlXPtrEvalXPtrPart() function due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2011-3102)

- Multiple integer overflow conditions exist due to improper validation of user-supplied input when handling overly long strings. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2012-2807)

- A heap-based underflow condition exists in the bundled libxml2 library due to incorrect parsing of strings not containing an expected space. A remote attacker can exploit this, via a specially crafted XML document, to cause a denial of service condition or the execution of arbitrary code. (CVE-2012-5134)

- A privilege escalation vulnerability exists due to improper handling of control code in the lgtosync.sys driver. A local attacker can exploit this escalate privileges on Windows-based 32-bit guest operating systems. (CVE-2013-3519)

Solution

Apply patch ESXi500-201303101-SG.

See Also

http://www.nessus.org/u?bac4c6a1

https://www.vmware.com/security/advisories/VMSA-2013-0001.html

https://www.vmware.com/security/advisories/VMSA-2013-0004.html

https://www.vmware.com/security/advisories/VMSA-2013-0014.html

Plugin Details

Severity: High

ID: 70877

File Name: vmware_esxi_5_0_build_1022489_remote.nasl

Version: 1.13

Type: remote

Family: Misc.

Published: 2013/11/13

Updated: 2018/11/15

Dependencies: 57396

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esxi

Required KB Items: Host/VMware/version, Host/VMware/release

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/03/28

Vulnerability Publication Date: 2012/05/07

Reference Information

CVE: CVE-2011-3102, CVE-2012-2807, CVE-2012-5134, CVE-2013-3519

BID: 53540, 54718, 56684, 64075