VMware ESX Multiple Vulnerabilities (VMSA-2009-0009) (remote check)
High Nessus Plugin ID 89115
SynopsisThe remote host is missing a security-related patch.
DescriptionThe remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities :
- A flaw exists in sudo in file parse.c due to a failure to properly interpret a system group (%group) in the sudoers configuration file when handling authorization decisions for users belonging to that group. A local attacker can exploit this to gain root privileges via a crafted sudo command. (CVE-2009-0034)
- A flaw exists in the redirect implementation in libcurl that allows arbitrary Location values to be accepted when CURLOPT_FOLLOWLOCATION is enabled. An attacker with control of a remote HTTP server can exploit this, via crafted redirect URLs, to trigger requests to intranet servers, to read or write arbitrary files, or to execute arbitrary commands. (CVE-2009-0037)
- A flaw exists in udev due to a failure to verify that a NETLINK message originates from the kernel space. A local attacker can exploit this, via a crafted NETLINK message, to gain elevated privileges on the root file system. (CVE-2009-1185)
SolutionApply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0.