ID de Prueba:	1.3.6.1.4.1.25623.1.0.103452
Categoría:	VMware Local Security Checks
Título:	VMware ESXi/ESX patches and VI Client update resolve multiple security issues (VMSA-2011-0009.3)
Resumen:	The remote ESXi is missing one or more security related Updates from VMSA-2011-0009.3.
Descripción:	Summary: The remote ESXi is missing one or more security related Updates from VMSA-2011-0009.3. Vulnerability Insight: VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues. a. VMware vmkernel third party e1000(e) Driver Packet Filter Bypass There is an issue in the e1000(e) Linux driver for Intel PRO/1000 adapters that allows a remote attacker to bypass packet filters. b. ESX third party update for Service Console kernel This update for the console OS kernel package resolves four security issues. IPv4 Remote Denial of Service An remote attacker can achieve a denial of service via an issue in the kernel IPv4 code. SCSI Driver Denial of Service / Possible Privilege Escalation A local attacker can achieve a denial of service and possibly a privilege escalation via a vulnerability in the Linux SCSI drivers. Kernel Memory Management Arbitrary Code Execution A context-dependent attacker can execute arbitrary code via a vulnerability in a kernel memory handling function. e1000 Driver Packet Filter Bypass There is an issue in the Service Console e1000 Linux driver for Intel PRO/1000 adapters that allows a remote attacker to bypass packet filters. c. Multiple vulnerabilities in mount.vmhgfs This patch provides a fix for the following three security issues in the VMware Host Guest File System (HGFS). None of these issues affect Windows based Guest Operating Systems. Mount.vmhgfs Information Disclosure Information disclosure via a vulnerability that allows an attacker with access to the Guest to determine if a path exists in the Host filesystem and whether it is a file or directory regardless of permissions. Mount.vmhgfs Race Condition Privilege escalation via a race condition that allows an attacker with access to the guest to mount on arbitrary directories in the Guest filesystem and achieve privilege escalation if they can control the contents of the mounted directory. Mount.vmhgfs Privilege Escalation Privilege escalation via a procedural error that allows an attacker with access to the guest operating system to gain write access to an arbitrary file in the Guest filesystem. This issue only affects Solaris and FreeBSD Guest Operating Systems. d. VI Client ActiveX vulnerabilities VI Client COM objects can be instantiated in Internet Explorer which may cause memory corruption. An attacker who succeeded in making the VI Client user visit a malicious Web site could execute code on the user's system within the security context of that user. Affected Software/OS: ESXi 5.0 without patch ESXi500-201112403-SG ESXi 4.1 without patches ESXi410-201104402-BG and ESXi410-201110201-SG ESXi 4.0 without patch ESXi400-201110401-SG ESXi 3.5 without patches ESXe350-201105401-I-SG and ESXe350-201105402-T-SG ESX 4.1 without patches ESX410-201104401-SG and ESX410-201110225-SG ESX 4.0 without patch ESX400-201104401-SG and ESX400-201110410-SG ESX 3.5 without patches ESX350-201105401-SG, ESX350-201105404-SG and ESX350-201105406-SG Solution: Apply the missing patch(es). CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4536 BugTraq ID: 37519 http://www.securityfocus.com/bid/37519 Debian Security Information: DSA-1996 (Google Search) http://www.debian.org/security/2010/dsa-1996 Debian Security Information: DSA-2005 (Google Search) http://www.debian.org/security/2010/dsa-2005 http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035159.html http://blog.c22.cc/2009/12/27/26c3-cat-procsysnetipv4fuckups/ http://events.ccc.de/congress/2009/Fahrplan/events/3596.en.html http://www.openwall.com/lists/oss-security/2009/12/28/1 http://www.openwall.com/lists/oss-security/2009/12/29/2 http://www.openwall.com/lists/oss-security/2009/12/31/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10607 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12440 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13226 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7453 http://www.redhat.com/support/errata/RHSA-2010-0019.html http://www.redhat.com/support/errata/RHSA-2010-0020.html http://www.redhat.com/support/errata/RHSA-2010-0041.html http://www.redhat.com/support/errata/RHSA-2010-0053.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://www.redhat.com/support/errata/RHSA-2010-0111.html http://www.redhat.com/support/errata/RHSA-2010-0882.html http://securitytracker.com/id?1023420 http://secunia.com/advisories/35265 http://secunia.com/advisories/38031 http://secunia.com/advisories/38276 http://secunia.com/advisories/38296 http://secunia.com/advisories/38492 http://secunia.com/advisories/38610 http://secunia.com/advisories/38779 SuSE Security Announcement: SUSE-SA:2010:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00005.html SuSE Security Announcement: SUSE-SA:2010:007 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00008.html SuSE Security Announcement: SUSE-SA:2010:010 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00002.html SuSE Security Announcement: SUSE-SA:2010:012 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00005.html SuSE Security Announcement: SUSE-SA:2010:013 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00007.html SuSE Security Announcement: SUSE-SA:2010:014 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00000.html XForce ISS Database: kernel-e1000main-security-bypass(55648) https://exchange.xforce.ibmcloud.com/vulnerabilities/55648 Common Vulnerability Exposure (CVE) ID: CVE-2010-1188 BugTraq ID: 39016 http://www.securityfocus.com/bid/39016 http://www.openwall.com/lists/oss-security/2010/03/29/1 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9878 http://www.redhat.com/support/errata/RHSA-2010-0380.html http://www.redhat.com/support/errata/RHSA-2010-0394.html http://www.redhat.com/support/errata/RHSA-2010-0424.html http://www.redhat.com/support/errata/RHSA-2010-0439.html http://www.securitytracker.com/id?1023992 http://secunia.com/advisories/39652 Common Vulnerability Exposure (CVE) ID: CVE-2009-3080 37068 http://www.securityfocus.com/bid/37068 37435 http://secunia.com/advisories/37435 37720 http://secunia.com/advisories/37720 37909 http://secunia.com/advisories/37909 38017 http://secunia.com/advisories/38017 38276 DSA-2005 FEDORA-2009-13098 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00777.html MDVSA-2010:030 http://www.mandriva.com/security/advisories?name=MDVSA-2010:030 MDVSA-2011:051 http://www.mandriva.com/security/advisories?name=MDVSA-2011:051 RHSA-2010:0041 RHSA-2010:0046 https://rhn.redhat.com/errata/RHSA-2010-0046.html RHSA-2010:0095 RHSA-2010:0882 SUSE-SA:2009:061 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00002.html SUSE-SA:2009:064 http://lists.opensuse.org/opensuse-security-announce/2009-12/msg00005.html SUSE-SA:2010:001 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00000.html SUSE-SA:2010:005 SUSE-SA:2010:013 USN-864-1 http://www.ubuntu.com/usn/usn-864-1 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=690e744869f3262855b83b4fb59199cf142765b0 http://support.avaya.com/css/P8/documents/100073666 http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.32-rc8 http://www.vmware.com/security/advisories/VMSA-2011-0009.html oval:org.mitre.oval:def:10989 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10989 oval:org.mitre.oval:def:12862 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12862 oval:org.mitre.oval:def:7101 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7101 Common Vulnerability Exposure (CVE) ID: CVE-2010-2240 1024344 http://securitytracker.com/id?1024344 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://www.securityfocus.com/archive/1/517739/100/0/threaded DSA-2094 http://www.debian.org/security/2010/dsa-2094 MDVSA-2010:172 http://www.mandriva.com/security/advisories?name=MDVSA-2010:172 MDVSA-2010:198 http://www.mandriva.com/security/advisories?name=MDVSA-2010:198 RHSA-2010:0660 http://www.redhat.com/support/errata/RHSA-2010-0660.html RHSA-2010:0661 https://rhn.redhat.com/errata/RHSA-2010-0661.html RHSA-2010:0670 http://www.redhat.com/support/errata/RHSA-2010-0670.html [security-announce] 20110428 VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console http://lists.vmware.com/pipermail/security-announce/2011/000133.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=320b2b8de12698082609ebbc1a17165727f4c893 http://www.invisiblethingslab.com/resources/misc-2010/xorg-large-memory-attacks.pdf http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.27.52 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.32.19 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.34.4 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.35.2 http://www.vmware.com/security/advisories/VMSA-2011-0007.html https://bugzilla.redhat.com/show_bug.cgi?id=606611 oval:org.mitre.oval:def:13247 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13247 Common Vulnerability Exposure (CVE) ID: CVE-2011-2146 BugTraq ID: 48098 http://www.securityfocus.com/bid/48098 http://www.securitytracker.com/id?1025601 http://secunia.com/advisories/44840 http://secunia.com/advisories/44904 SuSE Security Announcement: openSUSE-SU-2011:0617 (Google Search) https://hermes.opensuse.org/messages/8711677 XForce ISS Database: vmware-mountvmhgfs-info-disc(67813) https://exchange.xforce.ibmcloud.com/vulnerabilities/67813 Common Vulnerability Exposure (CVE) ID: CVE-2011-1787 Common Vulnerability Exposure (CVE) ID: CVE-2011-2145 XForce ISS Database: vmware-mountvmhgfs-privilege-esc(67815) https://exchange.xforce.ibmcloud.com/vulnerabilities/67815 Common Vulnerability Exposure (CVE) ID: CVE-2011-2217 BugTraq ID: 48099 http://www.securityfocus.com/bid/48099 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911 http://securitytracker.com/id?1025602 http://secunia.com/advisories/44826 http://secunia.com/advisories/44844 XForce ISS Database: vmware-viclient-code-exec(67816) https://exchange.xforce.ibmcloud.com/vulnerabilities/67816
Copyright	Copyright (C) 2012 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.