Test ID:	1.3.6.1.4.1.25623.1.0.840135
Category:	Ubuntu Local Security Checks
Title:	Ubuntu: Security Advisory (USN-543-1)
Summary:	The remote host is missing an update for the 'linux-restricted-modules-2.6.17, linux-restricted-modules-2.6.20, vmware-player-kernel-2.6.15' package(s) announced via the USN-543-1 advisory.
Description:	Summary: The remote host is missing an update for the 'linux-restricted-modules-2.6.17, linux-restricted-modules-2.6.20, vmware-player-kernel-2.6.15' package(s) announced via the USN-543-1 advisory. Vulnerability Insight: Neel Mehta and Ryan Smith discovered that the VMWare Player DHCP server did not correctly handle certain packet structures. Remote attackers could send specially crafted packets and gain root privileges. (CVE-2007-0061, CVE-2007-0062, CVE-2007-0063) Rafal Wojtczvk discovered multiple memory corruption issues in VMWare Player. Attackers with administrative privileges in a guest operating system could cause a denial of service or possibly execute arbitrary code on the host operating system. (CVE-2007-4496, CVE-2007-4497) Affected Software/OS: 'linux-restricted-modules-2.6.17, linux-restricted-modules-2.6.20, vmware-player-kernel-2.6.15' package(s) on Ubuntu 6.06, Ubuntu 6.10, Ubuntu 7.04. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2007-0061 BugTraq ID: 25729 http://www.securityfocus.com/bid/25729 http://lists.grok.org.uk/pipermail/full-disclosure/2007-September/065902.html http://security.gentoo.org/glsa/glsa-200711-23.xml ISS Security Advisory: 20070919 VMWare DHCP Server Remote Code Execution Vulnerabilities http://www.iss.net/threats/275.html http://www.securitytracker.com/id?1018717 http://secunia.com/advisories/26890 http://secunia.com/advisories/27694 http://secunia.com/advisories/27706 http://www.ubuntu.com/usn/usn-543-1 http://www.vupen.com/english/advisories/2007/3229 XForce ISS Database: dhcp-malformed-packet-bo(33101) https://exchange.xforce.ibmcloud.com/vulnerabilities/33101 Common Vulnerability Exposure (CVE) ID: CVE-2007-0062 Bugtraq: 20090312 rPSA-2009-0041-1 dhclient dhcp libdhcp4client (Google Search) http://www.securityfocus.com/archive/1/501759/100/0/threaded http://security.gentoo.org/glsa/glsa-200808-05.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:153 http://secunia.com/advisories/31396 http://secunia.com/advisories/34263 SuSE Security Announcement: SUSE-SR:2009:005 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html XForce ISS Database: dhcp-param-overflow(33102) https://exchange.xforce.ibmcloud.com/vulnerabilities/33102 Common Vulnerability Exposure (CVE) ID: CVE-2007-0063 XForce ISS Database: dhcp-param-underflow(33103) https://exchange.xforce.ibmcloud.com/vulnerabilities/33103 Common Vulnerability Exposure (CVE) ID: CVE-2007-4496 BugTraq ID: 25728 http://www.securityfocus.com/bid/25728 http://www.securitytracker.com/id?1018718 Common Vulnerability Exposure (CVE) ID: CVE-2007-4497 BugTraq ID: 25731 http://www.securityfocus.com/bid/25731
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.