Test ID: 1.3.6.1.4.1.25623.1.0.103481
Category: VMware Local Security Checks
Title: VMware ESXi/ESX patches address critical security issues (VMSA-2012-0009)
Summary: The remote ESXi is missing one or more security-related updates from VMSA-2012-0009.
Description:
Summary:
The remote ESXi is missing one or more security-related updates from VMSA-2012-0009.

Vulnerability Insight:
a. VMware host memory overwrite vulnerability (data pointers)

Due to a flaw in the handler function for RPC commands, it is possible to
manipulate data pointers within the VMX process. This vulnerability may allow a
guest user to crash the VMX process or potentially execute code on the host.

b. VMware host memory overwrite vulnerability (function pointers)

Due to a flaw in the handler function for RPC commands, it is possible to
manipulate function pointers within the VMX process. This vulnerability may
allow a guest user to crash the VMX process or potentially execute code on the
host.

c. ESX NFS traffic parsing vulnerability

Due to a flaw in the handling of NFS traffic, it is possible to overwrite
memory. This vulnerability may allow a user with access to the network to
execute code on the ESXi/ESX host without authentication. The issue is not
present in cases where there is no NFS traffic.

d. VMware floppy device out-of-bounds memory write

Due to a flaw in the virtual floppy configuration it is possible to perform an
out-of-bounds memory write. This vulnerability may allow a guest user to crash
the VMX process or potentially execute code on the host.

e. VMware SCSI device unchecked memory write

Due to a flaw in the SCSI device registration it is possible to perform an
unchecked write into memory. This vulnerability may allow a guest user to crash
the VMX process or potentially execute code on the host.

Affected Software/OS:
ESXi 5.0 without patch ESXi500-201205401-SG

ESXi 4.1 without patches ESXi410-201205401-SG, ESXi410-201110201-SG, ESXi410-201201401-SG

ESXi 4.0 without patches ESXi400-201105201-UG, ESXi400-201205401-SG

ESXi 3.5 without patch ESXe350-201205401-I-SG

ESX 4.1 without patches ESX410-201205401-SG, ESX410-201110201-SG, ESX410-201201401-SG

ESX 4.0 without patches ESX400-201105201-UG, ESX400-201205401-SG

ESX 3.5 without patch ESX350-201205401-SG

Solution:
Apply the missing patch(es).

a. VMware host memory overwrite vulnerability (data pointers)

Workaround

Configure virtual machines to use less than 4 GB of memory. Virtual machines
that have less than 4 GB of memory are not affected.

Mitigation

Do not allow untrusted users access to your virtual machines. Root or
Administrator level permissions are not required to exploit this issue.

b. VMware host memory overwrite vulnerability (function pointers)

Workaround

None identified

Mitigation

Do not allow untrusted users access to your virtual machines. Root or
Administrator level permissions are not required to exploit this issue.

c. ESX NFS traffic parsing vulnerability

Workaround

None identified

Mitigation

- Connect only to trusted NFS servers

- Segregate the NFS network

- Harden your NFS server

d. VMware floppy device out-of-bounds memory write

Workaround

Remove the virtual floppy drive from the list of virtual IO devices. The VMware
hardening guides recommend removing unused virtual IO devices in general.

Mitigation

Do not allow untrusted root users in your virtual machines. Root or
Administrator level permissions are required to exploit this issue.

e. VMware SCSI device unchecked memory write

Workaround

Remove the virtual SCSI controller from the list of virtual IO devices. The
VMware hardening guides recommend removing unused virtual IO devices in
general.

Mitigation

Do not allow untrusted root users access to your virtual machines. Root or
Administrator level permissions are required to exploit this issue.

CVSS Score:
9.0

CVSS Vector:
AV:N/AC:L/Au:S/C:C/I:C/A:C

Cross Reference: Common Vulnerability Exposure (CVE) ID: CVE-2012-1516
BugTraq ID: 53369
http://www.securityfocus.com/bid/53369
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16810
http://www.securitytracker.com/id?1027018
XForce ISS Database: vmware-esxserver-rpc-priv-esc(75373)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75373
Common Vulnerability Exposure (CVE) ID: CVE-2012-1517
http://osvdb.org/81692
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A17231
XForce ISS Database: vmware-rpc-commands-priv-esc(75374)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75374
Common Vulnerability Exposure (CVE) ID: CVE-2012-2448
BugTraq ID: 53371
http://www.securityfocus.com/bid/53371
http://osvdb.org/81693
XForce ISS Database: vmware-nfs-code-execution(75375)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75375
Common Vulnerability Exposure (CVE) ID: CVE-2012-2449
http://osvdb.org/81694
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16863
http://www.securitytracker.com/id?1027019
http://secunia.com/advisories/49032
XForce ISS Database: vmware-esxserver-floppy-priv-esc(75376)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75376
Common Vulnerability Exposure (CVE) ID: CVE-2012-2450
http://osvdb.org/81695
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16852
XForce ISS Database: esxserver-scsi-priv-esc(75377)
https://exchange.xforce.ibmcloud.com/vulnerabilities/75377
Copyright: Copyright (C) 2012 Greenbone AG





© 1998-2025 E-Soft Inc. All rights reserved.