VMware ESXi 5.1 < Build 3021178 OpenSLP RCE (VMSA-2015-0007)
Critical Nessus Plugin ID 86946
SynopsisThe remote VMware ESXi host is affected by a remote code execution vulnerability.
DescriptionThe remote VMware ESXi host is version 5.1 prior to build 3021178. It is, therefore, affected by a remote code execution vulnerability due to a double-free error in the SLPDProcessMessage() function in OpenSLP. An unauthenticated, remote attacker can exploit this, via a crafted package, to execute arbitrary code or cause a denial of service condition.
SolutionApply patch ESXi510-201510101-SG for ESXi 5.1.