VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0004) (remote check)

High Nessus Plugin ID 89737

Synopsis

The remote VMware ESX host is missing a security-related patch.

Description

The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries :

- bind
- expat
- glib2
- Kernel
- newt
- nfs-utils
- NTP
- OpenSSH
- OpenSSL

Solution

Apply the appropriate patch according to the vendor advisory that pertains to ESX version 3.5 / 4.0.

CVE: CVE-2008-3916, CVE-2008-4316, CVE-2008-4552, CVE-2009-0115, CVE-2009-0590, CVE-2009-1189, CVE-2009-1377, CVE-2009-1378, CVE-2009-1379, CVE-2009-1386, CVE-2009-1387, CVE-2009-2695, CVE-2009-2849, CVE-2009-2904, CVE-2009-2905, CVE-2009-2908, CVE-2009-3228, CVE-2009-3286, CVE-2009-3547, CVE-2009-3560, CVE-2009-3563, CVE-2009-3612, CVE-2009-3613, CVE-2009-3620, CVE-2009-3621, CVE-2009-3720, CVE-2009-3726, CVE-2009-4022

BID: 30815, 31602, 31823, 34100, 34256, 35001, 35138, 35174, 36304, 36515, 36552, 36639, 36706, 36723, 36824, 36827, 36901, 36936, 37118, 37203, 37255

VMSA: 2010-0004

CWE: 16, 20, 119, 189, 200, 264, 362, 399

VMware ESX Third-Party Libraries Multiple Vulnerabilities (VMSA-2010-0004) (remote check)

High Nessus Plugin ID 89737

Synopsis

Description

Solution

See Also

Plugin Details

Risk Information

CVSS v2.0

Vulnerability Information

Exploitable With

Reference Information