VMware ESX Multiple Vulnerabilities (VMSA-2009-0004) (remote check)

High Nessus Plugin ID 89112

Synopsis

The remote host is missing a security-related patch.

Description

The remote VMware ESX host is missing a security-related patch. It is, therefore, is affected by multiple vulnerabilities :

- A format string flaw exists in the Vim help tag processor in the helptags_one() function that allows a remote attacker to execute arbitrary code by tricking a user into executing the 'helptags' command on malicious help files. (CVE-2007-2953)

- Multiple flaws exist in the Vim system functions due to a failure to sanitize user-supplied input. An attacker can exploit these to execute arbitrary code by tricking a user into opening a crafted file. (CVE-2008-2712)

- A heap-based buffer overflow condition exists in the Vim mch_expand_wildcards() function. An attacker can exploit this, via shell metacharacters in a crafted file name, to execute arbitrary code. (CVE-2008-3432)

- Multiple flaws exist in Vim keyword and tag handling due to improper handling of escape characters. An attacker can exploit this, via a crafted document, to execute arbitrary shell commands or Ex commands. (CVE-2008-4101)

- A security bypass vulnerability exists in OpenSSL due to a failure to properly check the return value from the EVP_VerifyFinal() function. A remote attacker can exploit this, via a malformed SSL/TLS signature for DSA and ECDSA keys, to bypass the validation of the certificate chain. (CVE-2008-5077)

- A security bypass vulnerability exists in BIND due to a failure to properly check the return value from the OpenSSL DSA_verify() function. A remote attacker can exploit this, via a malformed SSL/TLS signature, to bypass the validation of the certificate chain on those systems using DNSSEC. (CVE-2009-0025)

Solution

Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0.

See Also

https://www.vmware.com/security/advisories/VMSA-2009-0004

Plugin Details

Severity: High

ID: 89112

File Name: vmware_VMSA-2009-0004_remote.nasl

Version: 1.5

Type: remote

Family: Misc.

Published: 2016/03/03

Updated: 2018/08/06

Dependencies: 57396

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9.3

Temporal Score: 7.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx

Required KB Items: Host/VMware/version, Host/VMware/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2009/03/31

Vulnerability Publication Date: 2007/07/27

Reference Information

CVE: CVE-2007-2953, CVE-2008-2712, CVE-2008-3432, CVE-2008-4101, CVE-2008-5077, CVE-2009-0025

BID: 25095, 29715, 30648, 30795, 33150, 33151

VMSA: 2009-0004

CWE: 20, 119, 287