VMware ESX Multiple Vulnerabilities (VMSA-2010-0019) (remote check)

high Nessus Plugin ID 89745


The remote VMware ESX host is missing a security-related patch.


The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several third-party components and libraries :

- bzip2
- Network Security Services (NSS) Library
- OpenSSL
- Samba


Apply the appropriate patch as referenced in the vendor advisory that pertains to ESX version 3.5 / 4.0 / 4.1.

See Also


Plugin Details

Severity: High

ID: 89745

File Name: vmware_VMSA-2010-0019_remote.nasl

Version: 1.8

Type: remote

Published: 3/8/2016

Updated: 1/6/2021

Risk Information


Risk Factor: High

Score: 7.7


Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/o:vmware:esx

Required KB Items: Host/VMware/version, Host/VMware/release

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 12/7/2010

Vulnerability Publication Date: 3/25/2009

Exploitable With

Metasploit (Sun Java JRE AWT setDiffICM Buffer Overflow)

Reference Information

CVE: CVE-2009-0590, CVE-2009-2409, CVE-2009-3555, CVE-2010-0405, CVE-2010-3069

BID: 34256, 36881, 36935, 43212, 43331

VMSA: 2010-0019

IAVB: 2010-B-0083

CWE: 119, 310