VMware ESX / ESXi libxml2 RCE (VMSA-2013-0004) (remote check)
Medium Nessus Plugin ID 89664
SynopsisThe remote VMware ESX / ESXi host is missing a security-related patch.
DescriptionThe remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by affected by a heap-based underflow condition in the bundled libxml2 library due to incorrect parsing of strings not containing an expected space. A remote attacker can exploit this, via a specially crafted XML document, to cause a denial of service condition or the execution of arbitrary code.
SolutionApply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1 or ESXi version 4.0 / 4.1.