English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 145615 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.103450
Kategorie:VMware Local Security Checks
Titel:VMware ESXi/ESX Denial of Service and third party updates for Likewise components and ESX Service Console (VMSA-2011-0007)
Zusammenfassung:The remote ESXi is missing one or more security related Updates from VMSA-2011-0007.
Beschreibung:Summary:
The remote ESXi is missing one or more security related Updates from VMSA-2011-0007.

Vulnerability Insight:
VMware ESXi and ESX could encounter a socket exhaustion situation which may lead to
a denial of service. Updates to Likewise components and to the ESX Service Console address security vulnerabilities.

a. ESX/ESXi Socket Exhaustion

By sending malicious network traffic to an ESXi or ESX host an attacker could
exhaust the available sockets which would prevent further connections to the
host. In the event a host becomes inaccessible its virtual machines will
continue to run and have network connectivity but a reboot of the ESXi or ESX
host may be required in order to be able to connect to the host again.

ESXi and ESX hosts may intermittently lose connectivity caused by applications
that do not correctly close sockets. If this occurs an error message similar to
the following may be written to the vpxa log:

socket() returns -1 (Cannot allocate memory)

An error message similar to the following may be written to the vmkernel logs:

socreate(type=2, proto=17) failed with error 55

b. Likewise package update

Updates to the vmware-esx-likewise-openldap and vmware-esx-likewise-krb5
packages address several security issues.

One of the vulnerabilities is specific to Likewise while the other
vulnerabilities are present in the MIT version of krb5. An incorrect assert()
call in Likewise may lead to a termination of the Likewise-open lsassd service
if a username with an illegal byte sequence is entered for user authentication
when logging in to the Active Directory domain of the ESXi/ESX host. This would
lead to a denial of service. The MIT-krb5 vulnerabilities are detailed in
MITKRB5-SA-2010-007.

c. ESX third party update for Service Console kernel

The Service Console kernel is updated to include a fix for a security issue.

Affected Software/OS:
VMware ESXi 4.1 without patch ESXi410-201104401-SG

VMware ESXi 4.0 without patch ESXi400-201104401-SG

VMware ESX 4.1 without patch ESX410-201104401-SG

VMware ESX 4.0 without patch ESX400-201104401-SG

Solution:
Apply the missing patch(es).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2011-1785
BugTraq ID: 47627
http://www.securityfocus.com/bid/47627
Bugtraq: 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/517739/100/0/threaded
http://lists.vmware.com/pipermail/security-announce/2011/000133.html
http://osvdb.org/72118
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13242
http://securitytracker.com/id?1025452
http://securityreason.com/securityalert/8240
XForce ISS Database: vmware-esxserver-socket-dos(67195)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67195
Common Vulnerability Exposure (CVE) ID: CVE-2011-1786
BugTraq ID: 47625
http://www.securityfocus.com/bid/47625
http://secunia.com/advisories/44349
XForce ISS Database: likewise-lsaad-dos(67194)
https://exchange.xforce.ibmcloud.com/vulnerabilities/67194
Common Vulnerability Exposure (CVE) ID: CVE-2010-1324
http://lists.apple.com/archives/security-announce/2011/Mar/msg00006.html
BugTraq ID: 45116
http://www.securityfocus.com/bid/45116
Bugtraq: 20101130 MITKRB5-SA-2010-007 Multiple checksum handling vulnerabilities [CVE-2010-1324 CVE-2010-1323 CVE-2010-4020 CVE-2010-4021] (Google Search)
http://www.securityfocus.com/archive/1/514953/100/0/threaded
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051976.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/051999.html
HPdes Security Advisory: HPSBUX02623
http://marc.info/?l=bugtraq&m=129562442714657&w=2
HPdes Security Advisory: SSRT100355
http://www.mandriva.com/security/advisories?name=MDVSA-2010:246
http://osvdb.org/69609
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11936
http://www.redhat.com/support/errata/RHSA-2010-0925.html
http://www.securitytracker.com/id?1024803
http://secunia.com/advisories/42399
http://secunia.com/advisories/43015
SuSE Security Announcement: SUSE-SR:2010:023 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
SuSE Security Announcement: SUSE-SR:2010:024 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html
http://www.ubuntu.com/usn/USN-1030-1
http://www.vupen.com/english/advisories/2010/3094
http://www.vupen.com/english/advisories/2010/3095
http://www.vupen.com/english/advisories/2010/3118
http://www.vupen.com/english/advisories/2011/0187
Common Vulnerability Exposure (CVE) ID: CVE-2010-1323
BugTraq ID: 45118
http://www.securityfocus.com/bid/45118
Bugtraq: 20111013 VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console (Google Search)
http://www.securityfocus.com/archive/1/520102/100/0/threaded
Debian Security Information: DSA-2129 (Google Search)
http://www.debian.org/security/2010/dsa-2129
HPdes Security Advisory: HPSBOV02682
http://marc.info/?l=bugtraq&m=130497213107107&w=2
HPdes Security Advisory: SSRT100495
http://www.mandriva.com/security/advisories?name=MDVSA-2010:245
http://osvdb.org/69610
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12121
http://www.redhat.com/support/errata/RHSA-2010-0926.html
http://secunia.com/advisories/42420
http://secunia.com/advisories/42436
http://secunia.com/advisories/46397
SuSE Security Announcement: SUSE-SU-2012:0010 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00002.html
SuSE Security Announcement: SUSE-SU-2012:0042 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00010.html
http://www.vupen.com/english/advisories/2010/3101
Common Vulnerability Exposure (CVE) ID: CVE-2010-4020
BugTraq ID: 45117
http://www.securityfocus.com/bid/45117
http://osvdb.org/69608
Common Vulnerability Exposure (CVE) ID: CVE-2010-4021
BugTraq ID: 45122
http://www.securityfocus.com/bid/45122
http://osvdb.org/69607
Common Vulnerability Exposure (CVE) ID: CVE-2010-2240
1024344
http://securitytracker.com/id?1024344
20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
DSA-2094
http://www.debian.org/security/2010/dsa-2094
MDVSA-2010:172
http://www.mandriva.com/security/advisories?name=MDVSA-2010:172
MDVSA-2010:198
http://www.mandriva.com/security/advisories?name=MDVSA-2010:198
MDVSA-2011:051
http://www.mandriva.com/security/advisories?name=MDVSA-2011:051
RHSA-2010:0660
http://www.redhat.com/support/errata/RHSA-2010-0660.html
RHSA-2010:0661
https://rhn.redhat.com/errata/RHSA-2010-0661.html
RHSA-2010:0670
http://www.redhat.com/support/errata/RHSA-2010-0670.html
RHSA-2010:0882
http://www.redhat.com/support/errata/RHSA-2010-0882.html
[security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893
http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2
http://www.vmware.com/security/advisories/VMSA-2011-0007.html
http://www.vmware.com/security/advisories/VMSA-2011-0009.html
https://bugzilla.redhat.com/show_bug.cgi?id=606611
oval:org.mitre.oval:def:13247
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247
CopyrightCopyright (C) 2012 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.