Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2015-2018 Tenable Network Security, Inc.VMWARE_ESXI_5_5_BUILD_1623387_REMOTE.NASL
HistoryMay 22, 2015 - 12:00 a.m.

ESXi 5.5 < Build 1623387 Multiple Vulnerabilities (remote check)

2015-05-2200:00:00
This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.
www.tenable.com
103
JSON

The remote VMware ESXi host is version 5.5 prior to build 1623387. It is, therefore, affected by multiple vulnerabilities :

  • Multiple integer overflow conditions exist in the bundled GNU C Library (glibc) due to improper validation of user-supplied input. A remote attacker can exploit these issues to cause a buffer overflow, resulting in a denial of service condition. (CVE-2013-4332)

  • A flaw exists in the monlist feature in NTP. A remote attacker can exploit this flaw, using a specially crafted packet to load the query function in monlist, to conduct a distributed denial of service attack.
    (CVE-2013-5211)

#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(83781);
  script_version("1.5");
  script_cvs_date("Date: 2018/08/06 14:03:15");

  script_cve_id("CVE-2013-4332", "CVE-2013-5211");
  script_bugtraq_id(62324, 64692);
  script_xref(name:"CERT", value:"348126");
  script_xref(name:"VMSA", value:"2014-0002");

  script_name(english:"ESXi 5.5 < Build 1623387 Multiple Vulnerabilities (remote check)");
  script_summary(english:"Checks the ESXi version and build number.");

  script_set_attribute(attribute:"synopsis", value:
"The remote VMware ESXi 5.5 host is affected by multiple
vulnerabilities.");
  script_set_attribute(attribute:"description", value:
"The remote VMware ESXi host is version 5.5 prior to build 1623387. It
is, therefore, affected by multiple vulnerabilities :

  - Multiple integer overflow conditions exist in the
    bundled GNU C Library (glibc) due to improper validation
    of user-supplied input. A remote attacker can exploit
    these issues to cause a buffer overflow, resulting in a
    denial of service condition. (CVE-2013-4332)

  - A flaw exists in the monlist feature in NTP. A remote
    attacker can exploit this flaw, using a specially
    crafted packet to load the query function in monlist, to
    conduct a distributed denial of service attack.
    (CVE-2013-5211)");
  script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2014-0002.html");
  # https://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=2065826
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?5842205d");
  script_set_attribute(attribute:"solution", value:
"Apply patch ESXi550-201403101-SG for ESXi 5.5.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2010/04/29");
  script_set_attribute(attribute:"patch_publication_date", value:"2014/03/11");
  script_set_attribute(attribute:"plugin_publication_date", value:"2015/05/22");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:ntp:ntp");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:gnu:glibc");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.");

  script_dependencies("vmware_vsphere_detect.nbin");
  script_require_keys("Host/VMware/version", "Host/VMware/release");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

ver = get_kb_item_or_exit("Host/VMware/version");
rel = get_kb_item_or_exit("Host/VMware/release");

if ("ESXi" >!< rel) audit(AUDIT_OS_NOT, "ESXi");
if ("VMware ESXi 5.5" >!< rel) audit(AUDIT_OS_NOT, "ESXi 5.5");

match = eregmatch(pattern:'^VMware ESXi.*build-([0-9]+)$', string:rel);
if (isnull(match)) exit(1, 'Failed to extract the ESXi build number.');

build       = int(match[1]);
fixed_build = 1623387;

if (build < fixed_build)
{
  if (report_verbosity > 0)
  {
    report = '\n  ESXi version    : ' + ver +
             '\n  Installed build : ' + build +
             '\n  Fixed build     : ' + fixed_build +
             '\n';
    security_warning(port:0, extra:report);
  }
  else security_warning(0);
}
else audit(AUDIT_INST_VER_NOT_VULN, "VMware ESXi", ver - "ESXi " + " build " + build);
VendorProductVersionCPE
vmwareesxicpe:/o:vmware:esxi
ntpntpcpe:/a:ntp:ntp
gnuglibccpe:/a:gnu:glibc

Related

vmware 2
nessus 59
openvas 35
oraclelinux 7
ibm 14
veracode 1
ubuntucve 2
redhat 3
checkpoint_advisories 1
suse 3
zdt 1
securityvulns 5
threatpost 4
cert 1
cve 2
freebsd 1
exploitpack 1
packetstorm 1
checkpoint_security 1
fortinet 1
thn 1
f5 2
metasploit 1
freebsd_advisory 1
gentoo 2
ics 1
mageia 2
aix 1
amazon 3
prion 2
debiancve 2
centos 2
slackware 1
exploitdb 1
fedora 3
altlinux 3
ubuntu 1
debian 1
osv 1
vmware
vmware
VMware vSphere updates to third party libraries
2014-03-11 00:00:00
VMware vSphere updates to third party libraries
2014-03-11 00:00:00
nessus
nessus
VMSA-2014-0002 : VMware vSphere updates to third-party libraries
2014-03-12 00:00:00
VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2014-0002)
2015-12-30 00:00:00
RHEL 5 : glibc (RHSA-2013:1411)
2013-10-09 00:00:00
openvas
openvas
VMSA-2014-0002 VMware vSphere updates to third party libraries
2014-03-12 00:00:00
VMSA-2014-0002 VMware vSphere updates to third party libraries (remote check)
2014-03-12 00:00:00
VMSA-2014-0002 VMware vSphere updates to third party libraries
2014-03-12 00:00:00
oraclelinux
oraclelinux
glibc security and bug fix update
2013-10-08 00:00:00
ntp security update
2016-09-09 00:00:00
ntp security update
2016-09-09 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in glibc affects Integrated Management Module 2 (IMM2) (CVE-2013-4332)
2019-01-31 01:55:01
Security Bulletin: NTP vulnerability in Network Intrusion Prevention System (CVE-2013-5211)
2022-02-23 19:48:26
Security Bulletin: The IBM Chassis Management Module (CMM) is affected by a vulnerability in NTP server (CVE-2013-5211)
2019-01-31 01:25:01
veracode
veracode
Denial Of Service (DoS)
2019-01-15 09:00:29
ubuntucve
ubuntucve
CVE-2013-4332
2013-10-09 00:00:00
CVE-2013-5211
2014-01-02 00:00:00
redhat
redhat
(RHSA-2013:1411) Moderate: glibc security and bug fix update
2013-10-08 00:00:00
(RHSA-2013:1605) Moderate: glibc security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2013:1527) Important: rhev-hypervisor6 security and bug fix update
2013-11-21 00:00:00
checkpoint_advisories
checkpoint_advisories
NTP Servers Monlist Command Denial of Service (CVE-2013-5211)
2014-01-19 00:00:00
suse
suse
DDoS reflection attacks in ntp
2014-01-20 17:05:38
Security update for glibc (important)
2014-09-12 06:04:16
Security update for glibc (important)
2014-09-15 19:04:18
zdt
zdt
NTP ntpd monlist Query Reflection - Denial of Service
2014-04-29 00:00:00
securityvulns
securityvulns
ntp traffic amplification
2014-01-14 00:00:00
[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service &#40;DoS&#41;
2014-01-14 00:00:00
TA14-013A: NTP Amplification Attacks Using CVE-2013-5211
2014-01-14 00:00:00
threatpost
threatpost
Volume of NTP Amplification Attacks Getting Louder
2014-04-29 13:03:29
NTP Amplification Blamed for 400 Gbps DDoS Attack
2014-02-11 12:21:35
NTP Amplification Flaw To Blame For Gaming DDoS Attacks
2014-01-14 12:45:33
cert
cert
NTP can be abused to amplify denial-of-service attack traffic
2014-01-10 00:00:00
cve
cve
CVE-2013-4332
2013-10-09 22:55:00
CVE-2013-5211
2014-01-02 14:59:00
freebsd
freebsd
ntpd DRDoS / Amplification Attack using ntpdc monlist command
2014-01-01 00:00:00
exploitpack
exploitpack
NTP ntpd monlist Query Reflection - Denial of Service
2014-04-28 00:00:00
packetstorm
packetstorm
NTP Amplification Denial Of Service Tool
2014-07-16 00:00:00
checkpoint_security
checkpoint_security
Blocking NTP access on Gaia OS / IPSO OS (CVE-2013-5211)
2014-03-01 22:00:00
fortinet
fortinet
FortiAnalyzer could potentially be used in NTP amplification attacks
2020-06-22 00:00:00
thn
thn
Abusing Network Time Protocol (NTP) to perform massive Reflection DDoS attack
2014-01-02 20:25:00
f5
f5
K15154 : NTP vulnerability CVE-2013-5211
2014-04-10 00:00:00
SOL15154 - NTP vulnerability CVE-2013-5211
2014-04-10 00:00:00
metasploit
metasploit
NTP Monitor List Scanner
2010-01-27 23:25:17
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:02.ntpd
2014-01-14 00:00:00
gentoo
gentoo
NTP: Traffic amplification
2014-01-16 00:00:00
GNU C Library: Multiple vulnerabilities
2015-03-08 00:00:00
ics
ics
NTP Reflection Attack
2018-09-06 12:00:00
mageia
mageia
Updated ntp packages work around security vulnerability
2014-01-31 20:44:56
Updated glibc package fixes security vulnerabilities
2013-11-22 22:44:49
aix
aix
Network Time Protocol (NTP) vulnerability in AIX,Network Time Protocol (NTP) vulnerability in VIOS
2014-06-12 16:24:51
amazon
amazon
Medium: ntp
2021-09-08 23:35:00
Medium: glibc
2013-12-17 21:39:00
Medium: ntp
2018-05-10 17:01:00
prion
prion
Integer overflow
2013-10-09 22:55:00
Security feature bypass
2014-01-02 14:59:00
debiancve
debiancve
CVE-2013-4332
2013-10-09 22:55:00
CVE-2013-5211
2014-01-02 14:59:00
centos
centos
glibc, nscd security update
2013-10-08 20:20:03
glibc, nscd security update
2013-11-26 13:31:38
slackware
slackware
ntp
2014-02-13 16:38:35
exploitdb
exploitdb
NTP ntpd monlist Query Reflection - Denial of Service
2014-04-28 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: glibc-2.18-9.fc20
2013-09-26 06:13:02
[SECURITY] Fedora 19 Update: glibc-2.17-18.fc19
2013-09-28 00:07:09
[SECURITY] Fedora 19 Update: glibc-2.17-21.fc19
2014-10-19 13:24:18
altlinux
altlinux
Security fix for the ALT Linux 6 package glibc version 6:2.11.3-alt8.M60P.3
2015-12-23 00:00:00
Security fix for the ALT Linux 7 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
Security fix for the ALT Linux 9 package glibc version 6:2.17-alt6
2014-01-11 00:00:00
ubuntu
ubuntu
GNU C Library vulnerabilities
2013-10-21 00:00:00
debian
debian
[SECURITY] [DLA 165-1] eglibc security update
2015-03-06 15:40:37
osv
osv
eglibc - security update
2015-03-06 00:00:00
JSON
Related for VMWARE_ESXI_5_5_BUILD_1623387_REMOTE.NASL
vmware2nessus59openvas35oraclelinux7ibm14veracode1ubuntucve2redhat3checkpoint_advisories1suse3zdt1securityvulns5threatpost4cert1cve2freebsd1exploitpack1packetstorm1checkpoint_security1fortinet1thn1f52metasploit1freebsd_advisory1gentoo2ics1mageia2aix1amazon3prion2debiancve2centos2slackware1exploitdb1fedora3altlinux3ubuntu1debian1osv1