Executive Summary



This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.
Summary
Title VMware Workstation, ESXi, and ESX address several security issues
Informations
Name VMSA-2012-0006 First vendor Publication 2012-03-29
Vendor VMware Last vendor Modification 2012-06-13
Severity (Vendor) N/A Revision 2

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score 10 Attack Range Network
Cvss Impact Score 10 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

a. VMware ROM Overwrite Privilege Escalation

A flaw in the way port-based I/O is handled allows for modifying Read-Only Memory that belongs to the Virtual DOS Machine. Exploitation of this issue may lead to privilege escalation on Guest Operating Systems that run Windows 2000, Windows XP 32-bit, Windows Server 2003 32-bit or Windows Server 2003 R2 32-bit.

VMware would like to thank Derek Soeder of Ridgeway Internet Security, L.L.C. for reporting this issue to us.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2012-1515 to this issue.

b. ESX third party update for Service Console kernel

The ESX Service Console Operating System (COS) kernel is updated to kernel-400.2.6.18-238.4.11.591731 to fix multiple security issues in the COS kernel.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2011-2482, CVE-2011-3191 and CVE-2011-4348 to these issues.

c. ESX third party update for Service Console krb5 RPM

This patch updates the krb5-libs and krb5-workstation RPMs to version 1.6.1-63.el5_7 to resolve a security issue.

By default, the affected krb5-telnet and ekrb5-telnet services do not run. The krb5 telnet daemon is an xinetd service. You can run the following commands to check if krb5 telnetd is enabled:

/sbin/chkconfig --list krb5-telnet /sbin/chkconfig --list ekrb5-telnet

The output of these commands displays if krb5 telnet is enabled.

You can run the following commands to disable krb5 telnet daemon:

/sbin/chkconfig krb5-telnet off /sbin/chkconfig ekrb5-telnet off

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2011-4862 to this issue.

Original Source

Url : http://www.vmware.com/security/advisories/VMSA-2012-0006.html

CWE : Common Weakness Enumeration

% Id Name
20 % CWE-476 NULL Pointer Dereference
20 % CWE-362 Race Condition
20 % CWE-264 Permissions, Privileges, and Access Controls
20 % CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') (CWE/SANS Top 25)
20 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:15084
 
Oval ID: oval:org.mitre.oval:def:15084
Title: DSA-2372-1 heimdal -- buffer overflow
Description: It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.
Family: unix Class: patch
Reference(s): DSA-2372-1
CVE-2011-4862
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): heimdal
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15151
 
Oval ID: oval:org.mitre.oval:def:15151
Title: DSA-2375-1 krb5 -- buffer overflow
Description: It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
Family: unix Class: patch
Reference(s): DSA-2375-1
CVE-2011-4862
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): krb5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15184
 
Oval ID: oval:org.mitre.oval:def:15184
Title: DSA-2373-1 inetutils -- buffer overflow
Description: It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.
Family: unix Class: patch
Reference(s): DSA-2373-1
CVE-2011-4862
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 6.0
Debian GNU/kFreeBSD 6.0
Product(s): inetutils
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:15209
 
Oval ID: oval:org.mitre.oval:def:15209
Title: BIOS ROM Corruption Vulnerability (CVE-2012-1515)
Description: VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1515
Version: 3
Platform(s): Microsoft Windows Server 2003
Microsoft Windows XP
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17110
 
Oval ID: oval:org.mitre.oval:def:17110
Title: VMware ROM Overwrite Privilege Escalation
Description: VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
Family: windows Class: vulnerability
Reference(s): CVE-2012-1515
Version: 4
Platform(s): Microsoft Windows 7
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Vista
Microsoft Windows XP
Product(s): VMware Workstation
VMware Player
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17913
 
Oval ID: oval:org.mitre.oval:def:17913
Title: USN-1246-1 -- linux vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1246-1
CVE-2011-2213
CVE-2011-2497
CVE-2011-2695
CVE-2011-2700
CVE-2011-2723
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
Version: 7
Platform(s): Ubuntu 11.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20334
 
Oval ID: oval:org.mitre.oval:def:20334
Title: VMware ESXi and ESX address several security issues
Description: Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4348
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20405
 
Oval ID: oval:org.mitre.oval:def:20405
Title: VMware ESXi and ESX address several security issues
Description: Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Family: unix Class: vulnerability
Reference(s): CVE-2011-4862
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20613
 
Oval ID: oval:org.mitre.oval:def:20613
Title: VMware ESXi and ESX address several security issues
Description: Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a large length value in a response to a read request for a directory.
Family: unix Class: vulnerability
Reference(s): CVE-2011-3191
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20625
 
Oval ID: oval:org.mitre.oval:def:20625
Title: VMware ESXi and ESX address several security issues
Description: VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine.
Family: unix Class: vulnerability
Reference(s): CVE-2012-1515
Version: 4
Platform(s): VMWare ESX Server 4.1
VMWare ESX Server 4.0
VMWare ESX Server 3.5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20687
 
Oval ID: oval:org.mitre.oval:def:20687
Title: VMware ESXi and ESX address several security issues
Description: A certain Red Hat patch to the sctp_sock_migrate function in net/sctp/socket.c in the Linux kernel before 2.6.21, as used in Red Hat Enterprise Linux (RHEL) 5, allows remote attackers to cause a denial of service (NULL pointer dereference and OOPS) via a crafted SCTP packet.
Family: unix Class: vulnerability
Reference(s): CVE-2011-2482
Version: 4
Platform(s): VMWare ESX Server 4.0
VMWare ESX Server 4.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:20812
 
Oval ID: oval:org.mitre.oval:def:20812
Title: USN-1228-1 -- linux-ti-omap4 vulnerabilities
Description: Several security issues were fixed in the kernel.
Family: unix Class: patch
Reference(s): USN-1228-1
CVE-2011-1776
CVE-2011-2213
CVE-2011-2497
CVE-2011-2695
CVE-2011-2700
CVE-2011-2723
CVE-2011-2928
CVE-2011-3188
CVE-2011-3191
Version: 5
Platform(s): Ubuntu 11.04
Product(s): linux-ti-omap4
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21107
 
Oval ID: oval:org.mitre.oval:def:21107
Title: USN-1225-1 -- linux vulnerabilities
Description: Multiple kernel flaws have been fixed.
Family: unix Class: patch
Reference(s): USN-1225-1
CVE-2011-1776
CVE-2011-2213
CVE-2011-2497
CVE-2011-2699
CVE-2011-2928
CVE-2011-3191
Version: 5
Platform(s): Ubuntu 8.04
Product(s): linux
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:21155
 
Oval ID: oval:org.mitre.oval:def:21155
Title: RHSA-2012:0007: kernel security, bug fix, and enhancement update (Important)
Description: Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.
Family: unix Class: patch
Reference(s): RHSA-2012:0007-01
CESA-2012:0007
CVE-2011-1020
CVE-2011-3637
CVE-2011-4077
CVE-2011-4132
CVE-2011-4324
CVE-2011-4325
CVE-2011-4330
CVE-2011-4348
Version: 107
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22108
 
Oval ID: oval:org.mitre.oval:def:22108
Title: RHSA-2011:1852: krb5-appl security update (Critical)
Description: Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Family: unix Class: patch
Reference(s): RHSA-2011:1852-02
CESA-2011:1852
CVE-2011-4862
Version: 4
Platform(s): Red Hat Enterprise Linux 6
CentOS Linux 6
Product(s): krb5-appl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:22146
 
Oval ID: oval:org.mitre.oval:def:22146
Title: RHSA-2011:1851: krb5 security update (Critical)
Description: Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Family: unix Class: patch
Reference(s): RHSA-2011:1851-02
CESA-2011:1851
CVE-2011-4862
Version: 4
Platform(s): Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): krb5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23091
 
Oval ID: oval:org.mitre.oval:def:23091
Title: ELSA-2012:0007: kernel security, bug fix, and enhancement update (Important)
Description: Race condition in the sctp_rcv function in net/sctp/input.c in the Linux kernel before 2.6.29 allows remote attackers to cause a denial of service (system hang) via SCTP packets. NOTE: in some environments, this issue exists because of an incomplete fix for CVE-2011-2482.
Family: unix Class: patch
Reference(s): ELSA-2012:0007-01
CVE-2011-1020
CVE-2011-3637
CVE-2011-4077
CVE-2011-4132
CVE-2011-4324
CVE-2011-4325
CVE-2011-4330
CVE-2011-4348
Version: 37
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23239
 
Oval ID: oval:org.mitre.oval:def:23239
Title: ELSA-2011:1851: krb5 security update (Critical)
Description: Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Family: unix Class: patch
Reference(s): ELSA-2011:1851-02
CVE-2011-4862
Version: 6
Platform(s): Oracle Linux 5
Product(s): krb5
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23380
 
Oval ID: oval:org.mitre.oval:def:23380
Title: ELSA-2011:1852: krb5-appl security update (Critical)
Description: Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
Family: unix Class: patch
Reference(s): ELSA-2011:1852-02
CVE-2011-4862
Version: 6
Platform(s): Oracle Linux 6
Product(s): krb5-appl
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27889
 
Oval ID: oval:org.mitre.oval:def:27889
Title: DEPRECATED: ELSA-2012-0007 -- kernel security, bug fix, and enhancement update (important)
Description: [2.6.18-274.17.1.0.1.el5] - fix ia64 build error due to add-support-above-32-vcpus.patch(Zhenzhong Duan) - [x86] use dynamic vcpu_info remap to support more than 32 vcpus (Zhenzhong Duan) - [scsi] add additional scsi medium error handling (John Sobecki) [orabug 12904887] - [x86] Fix lvt0 reset when hvm boot up with noapic param - [scsi] remove printk's when doing I/O to a dead device (John Sobecki, Chris Mason) [orabug 12342275] - [char] ipmi: Fix IPMI errors due to timing problems (Joe Jin) [orabug 12561346] - [scsi] Fix race when removing SCSI devices (Joe Jin) [orabug 12404566] - bonding: reread information about speed and duplex when interface goes up (John Haxby) [orabug 11890822] - [fs] nfs: Fix __put_nfs_open_context() NULL pointer panic (Joe Jin) [orabug 12687646] - [scsi] fix scsi hotplug and rescan race [orabug 10260172] - fix filp_close() race (Joe Jin) [orabug 10335998] - make xenkbd.abs_pointer=1 by default [orabug 67188919] - [xen] check to see if hypervisor supports memory reservation change (Chuck Anderson) [orabug 7556514] - [net] Enable entropy for bnx2,bnx2x,e1000e,igb,ixgb,ixgbe,ixgbevf (John Sobecki) [orabug 10315433] - [NET] Add xen pv netconsole support (Tina Yang) [orabug 6993043] [bz 7258] - [mm] shrink_zone patch (John Sobecki,Chris Mason) [orabug 6086839] - fix aacraid not to reset during kexec (Joe Jin) [orabug 8516042] - [rds] Patch rds to 1.4.2-20 (Andy Grover) [orabug 9471572, 9344105] RDS: Fix BUG_ONs to not fire when in a tasklet ipoib: Fix lockup of the tx queue RDS: Do not call set_page_dirty() with irqs off (Sherman Pun) RDS: Properly unmap when getting a remote access error (Tina Yang) RDS: Fix locking in rds_send_drop_to() - [xen] PVHVM guest with PoD crashes under memory pressure (Chuck Anderson) [orabug 9107465] - [xen] PV guest with FC HBA hangs during shutdown (Chuck Anderson) [orabug 9764220] - Support 256GB+ memory for pv guest (Mukesh Rathor) [orabug 9450615] - fix overcommit memory to use percpu_counter for el5 (KOSAKI Motohiro, Guru Anbalagane) [orabug 6124033] - [ipmi] make configurable timeouts for kcs of ipmi [orabug 9752208] - [ib] fix memory corruption (Andy Grover) [orabug 9972346] - [aio] patch removes limit on number of retries (Srinivas Eeda) [orabug 10044782] - [loop] Do not call loop_unplug for not configured loop device (orabug 10314497)
Family: unix Class: patch
Reference(s): ELSA-2012-0007
CVE-2011-1020
CVE-2011-3637
CVE-2011-4077
CVE-2011-4132
CVE-2011-4324
CVE-2011-4325
CVE-2011-4330
CVE-2011-4348
Version: 4
Platform(s): Oracle Linux 5
Product(s): kernel
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27975
 
Oval ID: oval:org.mitre.oval:def:27975
Title: DEPRECATED: ELSA-2011-1852 -- krb5-appl security update (critical)
Description: [1.0.1-7] - Correct patch, bump release [1.0.1-6] - Fix for CVE-2011-4862
Family: unix Class: patch
Reference(s): ELSA-2011-1852
CVE-2011-4862
Version: 4
Platform(s): Oracle Linux 6
Product(s): krb5-appl
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 1
Application 1
Application 1
Application 1
Os 3
Os 2
Os 289
Os 1408
Os 2
Os 1
Os 2
Os 6
Os 2
Os 3
Os 3

SAINT Exploits

Description Link
Telnetd Encryption Key ID Code Execution More info here

OpenVAS Exploits

Date Description
2012-08-02 Name : SuSE Update for krb5-appl openSUSE-SU-2012:0051-1 (krb5-appl)
File : nvt/gb_suse_2012_0051_1.nasl
2012-08-02 Name : SuSE Update for krb5-appl openSUSE-SU-2012:0019-1 (krb5-appl)
File : nvt/gb_suse_2012_0019_1.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1212 centos5 x86_64
File : nvt/gb_CESA-2011_1212_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2011:1386 centos5 x86_64
File : nvt/gb_CESA-2011_1386_kernel_centos5_x86_64.nasl
2012-07-30 Name : CentOS Update for krb5-devel CESA-2011:1851 centos4
File : nvt/gb_CESA-2011_1851_krb5-devel_centos4.nasl
2012-07-30 Name : CentOS Update for krb5-devel CESA-2011:1851 centos5
File : nvt/gb_CESA-2011_1851_krb5-devel_centos5.nasl
2012-07-30 Name : CentOS Update for krb5-appl-clients CESA-2011:1852 centos6
File : nvt/gb_CESA-2011_1852_krb5-appl-clients_centos6.nasl
2012-07-30 Name : CentOS Update for kernel CESA-2012:0007 centos5
File : nvt/gb_CESA-2012_0007_kernel_centos5.nasl
2012-07-09 Name : RedHat Update for krb5-appl RHSA-2011:1852-02
File : nvt/gb_RHSA-2011_1852-02_krb5-appl.nasl
2012-07-09 Name : RedHat Update for kernel RHSA-2011:1465-01
File : nvt/gb_RHSA-2011_1465-01_kernel.nasl
2012-06-25 Name : Fedora Update for kernel FEDORA-2012-8931
File : nvt/gb_fedora_2012_8931_kernel_fc15.nasl
2012-06-13 Name : Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2711167)
File : nvt/secpod_ms12-042.nasl
2012-05-17 Name : Fedora Update for kernel FEDORA-2012-7594
File : nvt/gb_fedora_2012_7594_kernel_fc15.nasl
2012-04-26 Name : Fedora Update for kernel FEDORA-2012-6406
File : nvt/gb_fedora_2012_6406_kernel_fc15.nasl
2012-04-02 Name : Fedora Update for kernel FEDORA-2011-12823
File : nvt/gb_fedora_2011_12823_kernel_fc16.nasl
2012-04-02 Name : VMSA-2012-0006 VMware ESXi and ESX address several security issues
File : nvt/gb_VMSA-2012-0006.nasl
2012-03-29 Name : Fedora Update for kernel FEDORA-2012-3715
File : nvt/gb_fedora_2012_3715_kernel_fc15.nasl
2012-03-19 Name : Fedora Update for krb5-appl FEDORA-2011-17493
File : nvt/gb_fedora_2011_17493_krb5-appl_fc16.nasl
2012-03-16 Name : Fedora Update for kernel FEDORA-2012-3356
File : nvt/gb_fedora_2012_3356_kernel_fc15.nasl
2012-03-15 Name : VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Ser...
File : nvt/gb_VMSA-2012-0001.nasl
2012-03-12 Name : Gentoo Security Advisory GLSA 201202-05 (heimdal)
File : nvt/glsa_201202_05.nasl
2012-03-07 Name : Fedora Update for kernel FEDORA-2012-2753
File : nvt/gb_fedora_2012_2753_kernel_fc15.nasl
2012-02-13 Name : Fedora Update for kernel FEDORA-2012-1503
File : nvt/gb_fedora_2012_1503_kernel_fc15.nasl
2012-02-12 Name : Gentoo Security Advisory GLSA 201201-14 (mit-krb5-appl)
File : nvt/glsa_201201_14.nasl
2012-02-11 Name : Debian Security Advisory DSA 2373-1 (inetutils)
File : nvt/deb_2373_1.nasl
2012-02-11 Name : Debian Security Advisory DSA 2372-1 (heimdal)
File : nvt/deb_2372_1.nasl
2012-01-25 Name : Fedora Update for kernel FEDORA-2012-0861
File : nvt/gb_fedora_2012_0861_kernel_fc15.nasl
2012-01-16 Name : Fedora Update for kernel FEDORA-2012-0492
File : nvt/gb_fedora_2012_0492_kernel_fc15.nasl
2012-01-13 Name : RedHat Update for kernel RHSA-2012:0007-01
File : nvt/gb_RHSA-2012_0007-01_kernel.nasl
2012-01-09 Name : Fedora Update for krb5-appl FEDORA-2011-17492
File : nvt/gb_fedora_2011_17492_krb5-appl_fc15.nasl
2011-12-30 Name : RedHat Update for krb5 RHSA-2011:1851-01
File : nvt/gb_RHSA-2011_1851-01_krb5.nasl
2011-12-30 Name : Mandriva Update for krb5-appl MDVSA-2011:195 (krb5-appl)
File : nvt/gb_mandriva_MDVSA_2011_195.nasl
2011-12-28 Name : FreeBSD 'telnetd' Daemon Remote Buffer Overflow Vulnerability
File : nvt/gb_freebsd_telnetd_51182.nasl
2011-12-12 Name : Fedora Update for kernel FEDORA-2011-16621
File : nvt/gb_fedora_2011_16621_kernel_fc15.nasl
2011-12-02 Name : Fedora Update for kernel FEDORA-2011-16346
File : nvt/gb_fedora_2011_16346_kernel_fc14.nasl
2011-11-18 Name : Fedora Update for kernel FEDORA-2011-15856
File : nvt/gb_fedora_2011_15856_kernel_fc15.nasl
2011-11-11 Name : Ubuntu Update for linux-lts-backport-natty USN-1256-1
File : nvt/gb_ubuntu_USN_1256_1.nasl
2011-11-11 Name : Ubuntu Update for linux USN-1253-1
File : nvt/gb_ubuntu_USN_1253_1.nasl
2011-11-08 Name : Fedora Update for kernel FEDORA-2011-15241
File : nvt/gb_fedora_2011_15241_kernel_fc14.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1245-1
File : nvt/gb_ubuntu_USN_1245_1.nasl
2011-10-31 Name : Ubuntu Update for linux-fsl-imx51 USN-1241-1
File : nvt/gb_ubuntu_USN_1241_1.nasl
2011-10-31 Name : Ubuntu Update for linux-mvl-dove USN-1240-1
File : nvt/gb_ubuntu_USN_1240_1.nasl
2011-10-31 Name : Ubuntu Update for linux-ec2 USN-1239-1
File : nvt/gb_ubuntu_USN_1239_1.nasl
2011-10-31 Name : Ubuntu Update for linux USN-1246-1
File : nvt/gb_ubuntu_USN_1246_1.nasl
2011-10-31 Name : Fedora Update for kernel FEDORA-2011-14747
File : nvt/gb_fedora_2011_14747_kernel_fc14.nasl
2011-10-21 Name : CentOS Update for kernel CESA-2011:1386 centos5 i386
File : nvt/gb_CESA-2011_1386_kernel_centos5_i386.nasl
2011-10-21 Name : RedHat Update for kernel RHSA-2011:1386-01
File : nvt/gb_RHSA-2011_1386-01_kernel.nasl
2011-10-14 Name : Ubuntu Update for linux USN-1227-1
File : nvt/gb_ubuntu_USN_1227_1.nasl
2011-10-14 Name : Ubuntu Update for linux-ti-omap4 USN-1228-1
File : nvt/gb_ubuntu_USN_1228_1.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-13809
File : nvt/gb_fedora_2011_13809_kernel_fc15.nasl
2011-10-10 Name : Fedora Update for kernel FEDORA-2011-12874
File : nvt/gb_fedora_2011_12874_kernel_fc14.nasl
2011-10-10 Name : Ubuntu Update for linux USN-1225-1
File : nvt/gb_ubuntu_USN_1225_1.nasl
2011-09-30 Name : Ubuntu Update for linux-ti-omap4 USN-1220-1
File : nvt/gb_ubuntu_USN_1220_1.nasl
2011-09-30 Name : Ubuntu Update for linux-lts-backport-maverick USN-1219-1
File : nvt/gb_ubuntu_USN_1219_1.nasl
2011-09-23 Name : CentOS Update for kernel CESA-2011:1212 centos5 i386
File : nvt/gb_CESA-2011_1212_kernel_centos5_i386.nasl
2011-09-12 Name : RedHat Update for kernel RHSA-2011:1212-01
File : nvt/gb_RHSA-2011_1212-01_kernel.nasl
0000-00-00 Name : FreeBSD Ports: krb5-appl
File : nvt/freebsd_krb5-appl.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
78303 Linux Kernel sctp_rcv() / sctp_accept() Socket Lock Race Remote DoS

78020 FreeBSD telnetd Multiple telnet/libtelnet/encrypt.c encrypt_keyid() Function ...

75240 Linux Kernel Stream Control Transmission Protocol (SCTP) Packet Handling Remo...

74910 Linux Kernel fs/cifs/cifssmb.c CIFSFindNext() Function Signedness Error CIFS ...

Information Assurance Vulnerability Management (IAVM)

Date Description
2012-05-03 IAVM : 2012-A-0073 - Multiple Vulnerabilities in VMware ESXi 4.1 and ESX 4.1
Severity : Category I - VMSKEY : V0032171
2012-04-12 IAVM : 2012-A-0055 - VMWare ESX 3.5 and ESXi 3.5 Privilege Escalation Vulnerability
Severity : Category I - VMSKEY : V0031978
2012-04-12 IAVM : 2012-A-0056 - Multiple Vulnerabilities in VMWare ESX 4.0 and ESXi 4.0
Severity : Category I - VMSKEY : V0031979
2012-02-02 IAVM : 2012-A-0020 - Multiple Vulnerabilities in VMware ESX 4.1 and ESXi 4.1
Severity : Category I - VMSKEY : V0031252

Snort® IPS/IDS

Date Description
2014-01-10 FreeBSD telnetd dec_keyid overflow attempt
RuleID : 20813 - Revision : 9 - Type : PROTOCOL-TELNET
2014-01-10 FreeBSD telnetd enc_keyid overflow attempt
RuleID : 20812 - Revision : 9 - Type : PROTOCOL-TELNET

Nessus® Vulnerability Scanner

Date Description
2016-03-03 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0008_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0006_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote VMware ESXi / ESX host is missing a security-related patch.
File : vmware_VMSA-2012-0001_remote.nasl - Type : ACT_GATHER_INFO
2015-01-19 Name : The remote Solaris system is missing a security patch for third-party software.
File : solaris11_telnet_20120404.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2013-0039.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2011-0015.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote security appliance is missing a vendor-supplied patch.
File : cisco-sa-20120126-wsa.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote security appliance is missing a vendor-supplied security patch.
File : cisco-sa-20120126-esa.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote security appliance is missing a vendor-supplied patch.
File : cisco-sa-20120126-sma.nasl - Type : ACT_GATHER_INFO
2014-11-17 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2011-1408.nasl - Type : ACT_GATHER_INFO
2014-07-22 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0010.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_krb5-appl-111229.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_4_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_krb5-appl-111229.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_3_kernel-111026.nasl - Type : ACT_GATHER_INFO
2014-06-13 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2012-17.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-26.nasl - Type : ACT_GATHER_INFO
2013-09-04 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2011-16.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1212.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1851.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-1852.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2011-2033.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2012-0007.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1813.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1854.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1853.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111227_krb5_appl_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111122_kernel_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111020_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20110906_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20111227_krb5_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20120110_kernel_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-06-13 Name : The Windows kernel is affected by multiple elevation of privilege vulnerabili...
File : smb_nt_ms12-042.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7729.nasl - Type : ACT_GATHER_INFO
2012-05-17 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7811.nasl - Type : ACT_GATHER_INFO
2012-04-28 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2012-0008.nasl - Type : ACT_GATHER_INFO
2012-03-30 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0006.nasl - Type : ACT_GATHER_INFO
2012-02-23 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201202-05.nasl - Type : ACT_GATHER_INFO
2012-01-31 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2012-0001.nasl - Type : ACT_GATHER_INFO
2012-01-24 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201201-14.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2372.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2373.nasl - Type : ACT_GATHER_INFO
2012-01-12 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2375.nasl - Type : ACT_GATHER_INFO
2012-01-11 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2012-0007.nasl - Type : ACT_GATHER_INFO
2012-01-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-17492.nasl - Type : ACT_GATHER_INFO
2012-01-06 Name : The remote Fedora host is missing a security update.
File : fedora_2011-17493.nasl - Type : ACT_GATHER_INFO
2012-01-03 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_krb5-111229.nasl - Type : ACT_GATHER_INFO
2012-01-03 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_krb5-7899.nasl - Type : ACT_GATHER_INFO
2011-12-29 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2011-195.nasl - Type : ACT_GATHER_INFO
2011-12-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1852.nasl - Type : ACT_GATHER_INFO
2011-12-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1851.nasl - Type : ACT_GATHER_INFO
2011-12-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1852.nasl - Type : ACT_GATHER_INFO
2011-12-28 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1851.nasl - Type : ACT_GATHER_INFO
2011-12-27 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_4ddc78dc300a11e1a2aa0016ce01e285.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_kernel-110930.nasl - Type : ACT_GATHER_INFO
2011-12-13 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7812.nasl - Type : ACT_GATHER_INFO
2011-11-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1465.nasl - Type : ACT_GATHER_INFO
2011-11-10 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1256-1.nasl - Type : ACT_GATHER_INFO
2011-11-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1253-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1240-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1239-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1241-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-1245-1.nasl - Type : ACT_GATHER_INFO
2011-10-26 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1246-1.nasl - Type : ACT_GATHER_INFO
2011-10-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_kernel-7734.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-21 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1386.nasl - Type : ACT_GATHER_INFO
2011-10-13 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1228-1.nasl - Type : ACT_GATHER_INFO
2011-10-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1227-1.nasl - Type : ACT_GATHER_INFO
2011-10-10 Name : The remote Fedora host is missing a security update.
File : fedora_2011-12874.nasl - Type : ACT_GATHER_INFO
2011-10-05 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1225-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1219-1.nasl - Type : ACT_GATHER_INFO
2011-09-30 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-1220-1.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Fedora host is missing a security update.
File : fedora_2011-12823.nasl - Type : ACT_GATHER_INFO
2011-09-26 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2310.nasl - Type : ACT_GATHER_INFO
2011-09-23 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO
2011-09-09 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-2303.nasl - Type : ACT_GATHER_INFO
2011-09-07 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2011-1212.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2016-03-04 13:26:25
  • Multiple Updates
2014-02-17 12:07:22
  • Multiple Updates
2013-11-11 12:41:40
  • Multiple Updates
2013-06-08 17:23:03
  • Multiple Updates