VMware ESX sudo Package Multiple Vulnerabilities (VMSA-2013-0007) (remote check)
High Nessus Plugin ID 89665
SynopsisThe remote VMware ESX / ESXi host is missing a security-related patch.
DescriptionThe remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by multiple vulnerabilities in the bundled version of sudo :
- An unspecified flaw exists in the sudo package related to the Network Matching Mechanism that is triggered when parsing IPv4 netmask hosts. A local attacker can exploit this to execute arbitrary code. (CVE-2012-2337)
- An arbitrary file overwrite vulnerability exists in sudo due to a race condition occurs in post-uninstall during the upgrade or removal of sudo packages. A local attacker can exploit this via a symlink attack against the /var/tmp/nsswitch.conf.bak file, allowing the attacker write to a specified file. (CVE-2012-3440)
SolutionApply the appropriate patch according to the vendor advisory that pertains to ESX version 4.0 / 4.1.