Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.VMWARE_ESX_VMSA-2013-0003_REMOTE.NASL
HistoryMar 04, 2016 - 12:00 a.m.

VMware ESX / ESXi NFC and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0003) (remote check)

2016-03-0400:00:00
This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
18
JSON

The remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries :

  • Java Runtime Environment (JRE)
  • Network File Copy (NFC) Protocol
  • OpenSSL
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(89663);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/03/29");

  script_cve_id(
    "CVE-2012-1531",
    "CVE-2012-1532",
    "CVE-2012-1533",
    "CVE-2012-2110",
    "CVE-2012-3143",
    "CVE-2012-3159",
    "CVE-2012-3216",
    "CVE-2012-4416",
    "CVE-2012-5067",
    "CVE-2012-5068",
    "CVE-2012-5069",
    "CVE-2012-5070",
    "CVE-2012-5071",
    "CVE-2012-5072",
    "CVE-2012-5073",
    "CVE-2012-5074",
    "CVE-2012-5075",
    "CVE-2012-5076",
    "CVE-2012-5077",
    "CVE-2012-5078",
    "CVE-2012-5079",
    "CVE-2012-5080",
    "CVE-2012-5081",
    "CVE-2012-5082",
    "CVE-2012-5083",
    "CVE-2012-5084",
    "CVE-2012-5085",
    "CVE-2012-5086",
    "CVE-2012-5087",
    "CVE-2012-5088",
    "CVE-2012-5089",
    "CVE-2013-1659"
  );
  script_bugtraq_id(
    53158,
    55501,
    56025,
    56033,
    56039,
    56043,
    56046,
    56051,
    56054,
    56055,
    56056,
    56057,
    56058,
    56059,
    56061,
    56063,
    56065,
    56066,
    56067,
    56068,
    56070,
    56071,
    56072,
    56075,
    56076,
    56078,
    56079,
    56080,
    56081,
    56082,
    56083,
    58115
  );
  script_xref(name:"VMSA", value:"2013-0003");
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2022/04/18");

  script_name(english:"VMware ESX / ESXi NFC and Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0003) (remote check)");

  script_set_attribute(attribute:"synopsis", value:
"The remote VMware ESX / ESXi host is missing a security-related patch.");
  script_set_attribute(attribute:"description", value:
"The remote VMware ESX / ESXi host is missing a security-related patch.
It is, therefore, affected by multiple vulnerabilities, including
remote code execution vulnerabilities, in several components and
third-party libraries :

  - Java Runtime Environment (JRE)
  - Network File Copy (NFC) Protocol
  - OpenSSL");
  script_set_attribute(attribute:"see_also", value:"https://www.vmware.com/security/advisories/VMSA-2013-0003.html");
  # http://www.oracle.com/technetwork/topics/security/javacpuoct2012-1515924.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?b0eb44d4");
  script_set_attribute(attribute:"solution", value:
"Apply the appropriate patch according to the vendor advisory that
pertains to ESX version 3.5 / 4.0 / 4.1 or ESXi version 3.5 / 4.0 /
4.1.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:H/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:H/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2012-5088");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_core", value:"true");
  script_set_attribute(attribute:"exploited_by_malware", value:"true");
  script_set_attribute(attribute:"metasploit_name", value:'Java Applet Method Handle Remote Code Execution');
  script_set_attribute(attribute:"exploit_framework_metasploit", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"vuln_publication_date", value:"2013/02/21");
  script_set_attribute(attribute:"patch_publication_date", value:"2013/02/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2016/03/04");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("vmware_vsphere_detect.nbin");
  script_require_keys("Host/VMware/version", "Host/VMware/release");
  script_require_ports("Host/VMware/vsphere");

  exit(0);
}

include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");

ver   = get_kb_item_or_exit("Host/VMware/version");
rel   = get_kb_item_or_exit("Host/VMware/release");
port  = get_kb_item_or_exit("Host/VMware/vsphere");
esx   = '';
build = 0;
fix   = FALSE;

if ("ESX" >!< rel)
  audit(AUDIT_OS_NOT, "VMware ESX/ESXi");

extract = eregmatch(pattern:"^(ESXi?) (\d\.\d).*$", string:ver);
if (empty_or_null(extract))
  audit(AUDIT_UNKNOWN_APP_VER, "VMware ESX/ESXi");

esx = extract[1];
ver = extract[2];

extract = eregmatch(pattern:'^VMware ESXi?.* build-([0-9]+)$', string:rel);
if (isnull(extract))
  audit(AUDIT_UNKNOWN_BUILD, "VMware " + esx, ver);

build = int(extract[1]);

fixes = make_array(
    "4.1", 874690,
    "4.0", 989856,
    "3.5", 988599
);

fix = fixes[ver];

if (!fix)
  audit(AUDIT_INST_VER_NOT_VULN, esx, ver, build);

if (build < fix)
{
  report = '\n  Version         : ' + esx + " " + ver +
           '\n  Installed build : ' + build +
           '\n  Fixed build     : ' + fix +
           '\n';
  security_report_v4(port:port, severity:SECURITY_HOLE, extra:report);
  exit(0);
}
else
  audit(AUDIT_INST_VER_NOT_VULN, "VMware " + esx, ver, build);
VendorProductVersionCPE
vmwareesxcpe:/o:vmware:esx
vmwareesxicpe:/o:vmware:esxi

References

Related

suse 9
nessus 42
securityvulns 1
redhat 9
ubuntu 1
openvas 44
oraclelinux 3
ibm 8
amazon 2
centos 3
threatpost 2
veracode 22
cve 15
prion 14
metasploit 2
thn 1
seebug 1
ubuntucve 12
vmware 1
exploitdb 1
checkpoint_advisories 2
saint 1
canvas 1
packetstorm 1
zdt 1
suse
suse
Security update for OpenJDK (important)
2012-10-24 22:08:57
java-1_7_0-openjdk: Update to icedtea-2.3.3 (important)
2012-10-31 16:11:24
Security update for IBM Java 1.7.0 (important)
2012-11-21 18:08:45
nessus
nessus
RHEL 6 : java-1.7.0-oracle (RHSA-2012:1391)
2012-10-19 00:00:00
Ubuntu 10.04 LTS / 11.04 / 11.10 / 12.04 LTS / 12.10 : openjdk-6, openjdk-7 vulnerabilities (USN-1619-1) (ROBOT)
2012-10-26 00:00:00
SuSE 11.2 Security Update : OpenJDK (SAT Patch Number 6987)
2013-01-25 00:00:00
securityvulns
securityvulns
Oracle Java / OpenJDK multiple security vulnerabilities
2012-10-30 00:00:00
redhat
redhat
(RHSA-2012:1391) Critical: java-1.7.0-oracle security update
2012-10-18 00:00:00
(RHSA-2012:1386) Important: java-1.7.0-openjdk security update
2012-10-17 00:00:00
(RHSA-2012:1392) Critical: java-1.6.0-sun security update
2012-10-18 00:00:00
ubuntu
ubuntu
OpenJDK vulnerabilities
2012-10-26 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2012:1489-2)
2021-06-09 00:00:00
SuSE Update for java-1_7_0-openjdk openSUSE-SU-2012:1419-1 (java-1_7_0-openjdk)
2013-03-11 00:00:00
Ubuntu Update for openjdk-7 USN-1619-1
2012-10-29 00:00:00
oraclelinux
oraclelinux
java-1.7.0-openjdk security update
2012-10-17 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
java-1.6.0-openjdk security update
2012-10-17 00:00:00
ibm
ibm
Security Bulletin: Vulnerabilities in Rational Functional Tester versions 8.x due to security vulnerabilities in IBM JRE 7.0 Service Release 2 or earlier, and non-IBM Java 7.0
2019-05-07 13:40:01
Security Bulletin: IBM Rational Build Forge Java (CVE-2012-3216, CVE-2012-5077, CVE-2012-5073, CVE-2012-5074, CVE-2012-5083, CVE-2012-5072, CVE-2012-1531, CVE-2012-5081, CVE-2012-5069, CVE-2012-5079, CVE-2012-5088)
2018-06-17 04:45:18
Security Bulletin: IBM Tivoli Monitoring clients affected by vulnerabilities in IBM JRE excuted under a security manager.
2022-09-25 23:13:40
amazon
amazon
Important: java-1.7.0-openjdk
2012-10-23 10:38:00
Important: java-1.6.0-openjdk
2012-10-23 10:38:00
centos
centos
java security update
2012-10-17 21:16:08
java security update
2012-10-17 21:15:32
java security update
2012-10-17 21:21:03
threatpost
threatpost
Apple Patches Java Flaws
2012-10-18 13:44:08
New Java Attack Introduced into Cool Exploit Kit
2012-11-12 18:25:53
veracode
veracode
Information Disclosure
2019-05-02 04:41:05
Information Disclosure
2019-05-02 04:41:06
Remote Code Execution (RCE)
2019-05-02 04:41:04
cve
cve
CVE-2012-3202
2012-10-17 00:55:00
CVE-2012-5080
2012-10-16 21:55:00
CVE-2012-5078
2012-10-16 21:55:00
prion
prion
Design/Logic Flaw
2012-10-17 00:55:00
Design/Logic Flaw
2012-10-16 21:55:00
Design/Logic Flaw
2012-10-16 21:55:00
metasploit
metasploit
Java Applet JAX-WS Remote Code Execution
2012-11-11 16:05:51
Java Applet Method Handle Remote Code Execution
2013-01-17 20:14:49
thn
thn
Latest Java vulnerability exploitation leads to ransomware
2012-11-10 18:57:00
seebug
seebug
Java Applet JAX-WS Remote Code Execution
2014-07-01 00:00:00
ubuntucve
ubuntucve
CVE-2012-1533
2012-10-16 00:00:00
CVE-2012-3159
2012-10-16 00:00:00
CVE-2012-5073
2012-10-16 00:00:00
vmware
vmware
VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
2013-02-21 00:00:00
exploitdb
exploitdb
Java Applet - JAX-WS Remote Code Execution (Metasploit)
2012-11-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Java Applet JAX-WS Remote Code Execution (CVE-2012-5076)
2012-12-02 00:00:00
Java Applet Method Handle Remote Code Execution (CVE-2012-5088)
2016-11-28 00:00:00
saint
saint
Java JAX-WS statistics.impl package sandbox breach
2013-02-07 00:00:00
canvas
canvas
Immunity Canvas: JAVA_CVE_2012_5088
2012-10-16 21:55:00
packetstorm
packetstorm
Java Applet Method Handle Remote Code Execution
2013-01-23 00:00:00
zdt
zdt
Java Applet Method Handle Remote Code Execution Vulnerability
2013-01-23 00:00:00
JSON
Related for VMWARE_ESX_VMSA-2013-0003_REMOTE.NASL
suse9nessus42securityvulns1redhat9ubuntu1openvas44oraclelinux3ibm8amazon2centos3threatpost2veracode22cve15prion14metasploit2thn1seebug1ubuntucve12vmware1exploitdb1checkpoint_advisories2saint1canvas1packetstorm1zdt1