VMware ESX Multiple Vulnerabilities (VMSA-2009-0008) (remote check)
Critical Nessus Plugin ID 89114
Synopsis
The remote host is missing a security-related patch.
Description
The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities :
- An out-of-bounds read error exists in the MIT Kerberos SPNEGO implementation in the get_input_token() function.
A remote attacker can exploit this, via a crafted length value, to cause a denial of service or to obtain access to sensitive information. (CVE-2009-0844)
- A NULL pointer dereference flaw exists in MIT Kerberos in the spnego_gss_accept_sec_context() function when SPNEGO is used. A remote attacker can exploit this, via invalid ContextFlags data in the 'reqFlags' field within a 'negTokenInit' token, to cause a denial of service.
(CVE-2009-0845)
- A flaw exists in the MIT Kerberos ASN.1 GeneralizedTime decoder in the asn1_decode_generaltime() function. A remote attacker can exploit this, via vectors involving invalid DER encoding, to free an uninitialized pointer, resulting in a denial of service or the execution of arbitrary code. (CVE-2009-0846)
Solution
Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0.