Summary
Detail | |||
---|---|---|---|
Vendor | Vmware | First view | 2003-12-31 |
Product | Esx | Last view | 2014-01-17 |
Version | 4.1 | Type | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
3.3 | 2014-01-17 | CVE-2014-1208 | VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port. |
4.3 | 2014-01-17 | CVE-2014-1207 | VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic. |
4.4 | 2013-12-23 | CVE-2013-5973 | VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename. |
7.9 | 2013-12-04 | CVE-2013-3519 | lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation. |
7.1 | 2013-10-21 | CVE-2013-5970 | hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic. |
9.4 | 2013-09-10 | CVE-2013-3658 | Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors. |
7.5 | 2013-09-10 | CVE-2013-3657 | Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. |
4.3 | 2013-09-03 | CVE-2013-1661 | VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the client-server data stream. |
10 | 2013-02-15 | CVE-2013-1405 | VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
5 | 2012-11-20 | CVE-2012-5703 | The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. |
6.9 | 2012-09-08 | CVE-2012-1666 | Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory. |
7.8 | 2012-06-14 | CVE-2012-3289 | VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device. |
9.3 | 2012-06-14 | CVE-2012-3288 | VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. |
9 | 2012-05-04 | CVE-2012-2450 | VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
9 | 2012-05-04 | CVE-2012-2449 | VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
7.5 | 2012-05-04 | CVE-2012-2448 | VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. |
9 | 2012-05-04 | CVE-2012-1517 | The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers. |
9.9 | 2012-05-04 | CVE-2012-1516 | The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers. |
8.3 | 2012-04-17 | CVE-2012-1518 | VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. |
8.3 | 2012-04-02 | CVE-2012-1515 | VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. |
5.5 | 2011-07-18 | CVE-2010-4655 | net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability for an ethtool ioctl call. |
7.5 | 2011-05-26 | CVE-2010-4251 | The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests. |
7.9 | 2011-01-18 | CVE-2010-4263 | The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. |
7.1 | 2011-01-10 | CVE-2010-4526 | Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.11-rc2 through 2.6.33 allows remote attackers to cause a denial of service (panic) via an ICMP unreachable message to a socket that is already locked by a user, which causes the socket to be freed and triggers list corruption, related to the sctp_wait_for_connect function. |
5.5 | 2010-12-29 | CVE-2010-4343 | drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
18% (9) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
14% (7) | CWE-264 | Permissions, Privileges, and Access Controls |
10% (5) | CWE-20 | Improper Input Validation |
6% (3) | CWE-476 | NULL Pointer Dereference |
4% (2) | CWE-665 | Improper Initialization |
4% (2) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
4% (2) | CWE-362 | Race Condition |
4% (2) | CWE-200 | Information Exposure |
4% (2) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
2% (1) | CWE-776 | Unrestricted Recursive Entity References in DTDs ('XML Bomb') |
2% (1) | CWE-672 | Operation on a Resource after Expiration or Release |
2% (1) | CWE-416 | Use After Free |
2% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
2% (1) | CWE-399 | Resource Management Errors |
2% (1) | CWE-287 | Improper Authentication |
2% (1) | CWE-269 | Improper Privilege Management |
2% (1) | CWE-255 | Credentials Management |
2% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
2% (1) | CWE-189 | Numeric Errors |
2% (1) | CWE-129 | Improper Validation of Array Index |
2% (1) | CWE-120 | Buffer Copy without Checking Size of Input ('Classic Buffer Overflo... |
2% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
2% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
2% (1) | CWE-16 | Configuration |
CAPEC : Common Attack Pattern Enumeration & Classification
id | Name |
---|---|
CAPEC-1 | Accessing Functionality Not Properly Constrained by ACLs |
CAPEC-13 | Subverting Environment Variable Values |
CAPEC-17 | Accessing, Modifying or Executing Executable Files |
CAPEC-39 | Manipulating Opaque Client-based Data Tokens |
CAPEC-45 | Buffer Overflow via Symbolic Links |
CAPEC-51 | Poison Web Service Registry |
CAPEC-59 | Session Credential Falsification through Prediction |
CAPEC-60 | Reusing Session IDs (aka Session Replay) |
CAPEC-76 | Manipulating Input to File System Calls |
CAPEC-77 | Manipulating User-Controlled Variables |
CAPEC-87 | Forceful Browsing |
CAPEC-104 | Cross Zone Scripting |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:5463 | VMware ESX server double free vulnerability may let remote users execute arbi... |
oval:org.mitre.oval:def:5552 | VMware ESX Multiple Code Execution and Denial of Service Vulnerabilities |
oval:org.mitre.oval:def:5688 | VMware Tools Input Validation Flaw in Windows Guest OS Lets Local Users Gain ... |
oval:org.mitre.oval:def:5358 | VMware Tools Input Validation Flaw in Windows Guest OS Lets Local Users Gain ... |
oval:org.mitre.oval:def:5583 | VMware Unsafe Library Path in vmware-authd Lets Local Users Gain Elevated Pri... |
oval:org.mitre.oval:def:4768 | VMware Unsafe Library Path in vmware-authd Lets Local Users Gain Elevated Pri... |
oval:org.mitre.oval:def:5647 | VMware Buffer Overflows in VIX API Let Local Users Execute Arbitrary Code |
oval:org.mitre.oval:def:5081 | VMware Buffer Overflows in VIX API Let Local Users Execute Arbitrary Code |
oval:org.mitre.oval:def:9812 | libxml2 2.6.32 and earlier does not properly detect recursion during entity e... |
oval:org.mitre.oval:def:7968 | DSA-1631 libxml2 -- denial of service |
oval:org.mitre.oval:def:6496 | Libxml2 Recursive Entity Evaluation Bug Lets Remote Users Deny Service |
oval:org.mitre.oval:def:19740 | DSA-1631-1 libxml2 - denial of service |
oval:org.mitre.oval:def:17756 | USN-640-1 -- libxml2 vulnerability |
oval:org.mitre.oval:def:17731 | USN-644-1 -- libxml2 vulnerabilities |
oval:org.mitre.oval:def:21731 | ELSA-2008:0836: libxml2 security update (Moderate) |
oval:org.mitre.oval:def:29241 | RHSA-2008:0836 -- libxml2 security update (Moderate) |
oval:org.mitre.oval:def:5929 | ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional ... |
oval:org.mitre.oval:def:6425 | VMware ESX Administrative Directory Traversal Bug May Allow Administrators to... |
oval:org.mitre.oval:def:6309 | VMware CPU Hardware Emulation Bug Lets Local Users Gain Elevated Privileges |
oval:org.mitre.oval:def:6246 | VMware ESX Virtual Hardware Memory Access Bug Lets Local Users Gain Elevated ... |
oval:org.mitre.oval:def:6462 | Sudo Supplemental Group Privilege Error Lets Certain Local Users Gain Elevate... |
oval:org.mitre.oval:def:13952 | USN-722-1 -- sudo vulnerability |
oval:org.mitre.oval:def:10856 | parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a syste... |
oval:org.mitre.oval:def:22769 | ELSA-2009:0267: sudo security update (Moderate) |
oval:org.mitre.oval:def:29098 | RHSA-2009:0267 -- sudo security update (Moderate) |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
71660 | Linux Kernel net/core/sock.c Networking Subsystem Packet Handling Backlog Rem... |
71601 | Linux Kernel ethtool IOCTL Handler ethtool_get_regs() Function Local Informat... |
70483 | Linux Kernel igb Subsystem drivers/net/igb/igb_main.c igb_receive_skb Functio... |
70378 | Linux Kernel Locked Socket ICMP Unreachable Message Race Condition Remote DoS |
70228 | Linux Kernel drivers/scsi/bfa/bfa_core.c fc_host Statistics File Read Operati... |
68303 | Linux Kernel XFS Inode Allocation Btree Stale NFS Filehandle Unlinked File Ac... |
68213 | Linux Kernel on 64-bit include/asm/compat.h compat_alloc_user_space Function ... |
68173 | Linux Kernel net/sched/act_skbedit.c tcf_skbedit_dump Function Network Queuei... |
68172 | Linux Kernel net/sched/act_simple.c tcf_simp_dump Function Network Queueing A... |
68171 | Linux Kernel net/sched/act_nat.c tcf_nat_dump Function Network Queueing Actio... |
68170 | Linux Kernel net/sched/act_mirred.c tcf_mirred_dump Function Network Queueing... |
68169 | Linux Kernel net/sched/act_gact.c tcf_gact_dump Function Network Queueing Act... |
67893 | Linux Kernel eCryptfs Subsystem fs/ecryptfs/messaging.c ecryptfs_uid_hash Mac... |
67892 | Linux Kernel fs/ext4/move_extent.c mext_check_arguments Function MOVE_EXT IOC... |
67881 | Linux Kernel fs/xfs/linux-2.6/xfs_ioctl.c xfs_ioc_fsgetxattr() Function Stack... |
67366 | Linux Kernel fs/gfs2/dir.c gfs2_dirent_find_space Function GFS2 File System R... |
66582 | Linux Kernel CIFS DNS Resolver Lookup Results Keyring Cache Poisoning Weakness |
60311 | Linux Kernel drivers/scsi/gdth.c gdth_read_event() Function IOCTL Handling Lo... |
59654 | Linux Kernel fs/pipe.c Multiple Function Locking Error NULL Dereference Local... |
59210 | Linux Kernel net/unix/af_unix.c AF_UNIX Socket Reconnect Local DoS |
57264 | Linux Kernel execve Function current->clear_child_tid Pointer Handling Loc... |
56985 | libxml2 XML File Multiple Attribute Type Handling DoS |
56444 | Linux Kernel net/ipv4/icmp.c icmp_send Function REJECT Route Remote DoS |
54492 | Linux Kernel fs/nfs/dir.c nfs_permission() Function NFSv4 Share Permission By... |
52861 | Linux Kernel nfsd CAP_MKNOD Unprivileged Device Node Creation |
OpenVAS Exploits
id | Description |
---|---|
2012-11-16 | Name : VMSA-2012-0016: VMware security updates for vSphere API and ESX Service Console File : nvt/gb_VMSA-2012-0016.nasl |
2012-10-03 | Name : Gentoo Security Advisory GLSA 201209-25 (vmware-server vmware-player vmware-w... File : nvt/glsa_201209_25.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0163 centos5 x86_64 File : nvt/gb_CESA-2011_0163_kernel_centos5_x86_64.nasl |
2012-07-30 | Name : CentOS Update for kernel CESA-2011:0303 centos5 x86_64 File : nvt/gb_CESA-2011_0303_kernel_centos5_x86_64.nasl |
2012-06-15 | Name : VMSA-2012-0011 VMware Workstation, Player, Fusion, ESXi and ESX patches addre... File : nvt/gb_VMSA-2012-0011.nasl |
2012-06-13 | Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167) File : nvt/secpod_ms12-042.nasl |
2012-06-06 | Name : RedHat Update for kernel RHSA-2011:0421-01 File : nvt/gb_RHSA-2011_0421-01_kernel.nasl |
2012-06-06 | Name : RedHat Update for Red Hat Enterprise Linux 6.1 kernel RHSA-2011:0542-01 File : nvt/gb_RHSA-2011_0542-01_Red_Hat_Enterprise_Linux_6.1_kernel.nasl |
2012-06-05 | Name : RedHat Update for kernel RHSA-2011:0007-01 File : nvt/gb_RHSA-2011_0007-01_kernel.nasl |
2012-05-03 | Name : VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address criti... File : nvt/gb_VMSA-2012-0009.nasl |
2012-04-16 | Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates File : nvt/gb_VMSA-2010-0009.nasl |
2012-04-13 | Name : VMSA-2012-0007 VMware hosted products and ESX patches address privilege escal... File : nvt/gb_VMSA-2012-0007.nasl |
2012-04-02 | Name : VMSA-2012-0006 VMware ESXi and ESX address several security issues File : nvt/gb_VMSA-2012-0006.nasl |
2012-03-16 | Name : VMSA-2011-0003.2 Third party component updates for VMware vCenter Server, vCe... File : nvt/gb_VMSA-2011-0003.nasl |
2012-03-16 | Name : VMSA-2011-0009.3 VMware hosted product updates, ESX patches and VI Client upd... File : nvt/gb_VMSA-2011-0009.nasl |
2012-03-16 | Name : VMSA-2011-0012.3 VMware ESXi and ESX updates to third party libraries and ESX... File : nvt/gb_VMSA-2011-0012.nasl |
2011-09-30 | Name : Ubuntu Update for linux-ec2 USN-1216-1 File : nvt/gb_ubuntu_USN_1216_1.nasl |
2011-09-30 | Name : Ubuntu Update for linux USN-1218-1 File : nvt/gb_ubuntu_USN_1218_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-ti-omap4 USN-1202-1 File : nvt/gb_ubuntu_USN_1202_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1203-1 File : nvt/gb_ubuntu_USN_1203_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-fsl-imx51 USN-1204-1 File : nvt/gb_ubuntu_USN_1204_1.nasl |
2011-09-16 | Name : Ubuntu Update for linux-mvl-dove USN-1208-1 File : nvt/gb_ubuntu_USN_1208_1.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:0326 centos5 i386 File : nvt/gb_CESA-2009_0326_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for kernel CESA-2009:1106 centos5 i386 File : nvt/gb_CESA-2009_1106_kernel_centos5_i386.nasl |
2011-08-09 | Name : CentOS Update for libxml2 CESA-2009:1206 centos5 i386 File : nvt/gb_CESA-2009_1206_libxml2_centos5_i386.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2014-B-0010 | Multiple Vulnerabilities in VMware ESXi 5.1 Severity: Category I - VMSKEY: V0043881 |
2014-B-0009 | Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0043880 |
2014-B-0008 | Multiple Vulnerabilities in VMware ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0043879 |
2014-A-0019 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0043844 |
2013-A-0222 | Multiple Vulnerabilties in VMware Workstation Severity: Category II - VMSKEY: V0042383 |
2013-A-0221 | Multiple Vulnerabilties in VMware Player Severity: Category II - VMSKEY: V0042382 |
2013-A-0218 | VMware ESX/ESXi 4.1 Denial of Service Vulnerability Severity: Category I - VMSKEY: V0042309 |
2013-A-0205 | VMware ESXi 5.0 Denial of Service Vulnerability Severity: Category I - VMSKEY: V0041367 |
2013-A-0204 | VMware ESX/ESXi 4.0 Denial of Service Vulnerability Severity: Category I - VMSKEY: V0041366 |
2013-B-0098 | VMware ESXi 5.1 Remote Denial of Service Vulnerability Severity: Category I - VMSKEY: V0040211 |
2013-B-0095 | VMware ESX 4.0 and ESXi 4.0 Remote Denial of Service Vulnerability Severity: Category I - VMSKEY: V0040209 |
2013-B-0096 | VMware ESX 4.1 and ESXi 4.1 Remote Denial of Service Vulnerability Severity: Category I - VMSKEY: V0040208 |
2013-B-0012 | VMware vCenter 4.1 Server and vSphere 4.1 Client Memory Corruption Vulnerability Severity: Category II - VMSKEY: V0036789 |
2013-A-0031 | Multiple Security Vulnerabilities in VMware ESX 4.1 and ESXi 4.1 Severity: Category I - VMSKEY: V0036787 |
2012-A-0189 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0035032 |
2012-A-0100 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032847 |
2012-A-0099 | Multiple Vulnerabilities in VMware ESXi 4.0 and ESX 4.0 Severity: Category I - VMSKEY: V0032846 |
2012-A-0098 | Multiple Vulnerabilities in VMware ESXi 3.5 and ESX 3.5 Severity: Category I - VMSKEY: V0032845 |
2012-A-0075 | Multiple Vulnerabilities in VMware Fusion Severity: Category I - VMSKEY: V0032174 |
2012-A-0073 | Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1 Severity: Category I - VMSKEY: V0032171 |
2012-A-0072 | Multiple Vulnerabilities in VMware ESXi 4.0 and ESX 4.0 Severity: Category I - VMSKEY: V0032167 |
2012-A-0071 | Multiple Vulnerabilities in VMware ESXi 3.5 and ESX 3.5 Severity: Category I - VMSKEY: V0032165 |
2012-A-0056 | Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0 Severity: Category I - VMSKEY: V0031979 |
2012-A-0055 | VMWare ESX 3.5 and ESXi 3.5 Privilege Escalation Vulnerability Severity: Category I - VMSKEY: V0031978 |
2011-A-0147 | Multiple Vulnerabilities in VMware ESX and ESXi Severity: Category I - VMSKEY: V0030545 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-16 | VMWare vSphere API SOAP request RetrieveProperties remote denial of service a... RuleID : 31297 - Type : SERVER-WEBAPP - Revision : 3 |
2014-01-10 | PcVue SVUIGrd.ocx ActiveX function call access RuleID : 27112 - Type : BROWSER-PLUGINS - Revision : 5 |
2014-01-10 | PcVue SVUIGrd.ocx ActiveX clsid access RuleID : 27111 - Type : BROWSER-PLUGINS - Revision : 5 |
2014-01-10 | Linux Kernel nfsd v4 CAP_MKNOD security bypass attempt RuleID : 17749 - Type : PROTOCOL-RPC - Revision : 7 |
2014-01-10 | Linux Kernel nfsd v3 tcp CAP_MKNOD security bypass attempt RuleID : 16702 - Type : PROTOCOL-RPC - Revision : 7 |
2014-01-10 | Linux Kernel nfsd v3 udp CAP_MKNOD security bypass attempt RuleID : 16701 - Type : PROTOCOL-RPC - Revision : 8 |
2014-01-10 | Linux Kernel nfsd v2 tcp CAP_MKNOD security bypass attempt RuleID : 16700 - Type : PROTOCOL-RPC - Revision : 7 |
2014-01-10 | Linux Kernel nfsd v2 udp CAP_MKNOD security bypass attempt RuleID : 16699 - Type : PROTOCOL-RPC - Revision : 8 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0004_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-08 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2010-0009_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-08 | Name: The remote VMware ESX host is missing a security-related patch. File: vmware_VMSA-2010-0017_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0003_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0009_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2011-0012_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0001_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0011_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0012_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0014_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-04 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_esx_VMSA-2013-0016_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0009_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote host is missing a security-related patch. File: vmware_VMSA-2009-0016_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote VMware ESXi / ESX host is missing a security-related patch. File: vmware_VMSA-2012-0006_remote.nasl - Type: ACT_GATHER_INFO |
2016-03-03 | Name: The remote VMware ESXi / ESX host is missing a security-related patch. File: vmware_VMSA-2012-0007_remote.nasl - Type: ACT_GATHER_INFO |
2016-02-29 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2012-0009_remote.nasl - Type: ACT_GATHER_INFO |
2016-02-29 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2012-0011_remote.nasl - Type: ACT_GATHER_INFO |
2016-02-29 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2012-0016_remote.nasl - Type: ACT_GATHER_INFO |
2015-12-30 | Name: The remote VMware ESX / ESXi host is missing a security-related patch. File: vmware_VMSA-2014-0001_remote.nasl - Type: ACT_GATHER_INFO |
2015-04-24 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL16477.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2009-0004.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2009-0014.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2009-0018.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2009-0033.nasl - Type: ACT_GATHER_INFO |
2014-11-26 | Name: The remote OracleVM host is missing one or more security updates. File: oraclevm_OVMSA-2013-0039.nasl - Type: ACT_GATHER_INFO |