Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2013-2022 Tenable Network Security, Inc.VMWARE_VMSA-2013-0009.NASL
HistoryAug 02, 2013 - 12:00 a.m.

VMSA-2013-0009 : VMware vSphere, ESX and ESXi updates to third-party libraries

2013-08-0200:00:00
This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.
www.tenable.com
30
JSON

a. vCenter Server and ESX userworld update for OpenSSL library

The userworld OpenSSL library is updated to version openssl-0.9.8y to resolve multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0169 and CVE-2013-0166 to these issues.

b. Service Console (COS) update for OpenSSL library

The Service Console updates for OpenSSL library is updated to version openssl-0.9.8e-26.el5_9.1 to resolve multiple security issues.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0169 and CVE-2013-0166 to these issues.

c. ESX Userworld and Service Console (COS) update for libxml2 library

The ESX Userworld and Service Console libxml2 library is updated to version libxml2-2.6.26-2.1.21.el5_9.1 and libxml2-python-2.6.26-2.1.21.el5_9.1. to resolve a security issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-0338 to this issue.

d. Service Console (COS) update for GnuTLS library

The ESX service console GnuTLS RPM is updated to version gnutls-1.4.1-10.el5_9.1 to resolve a security issue.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2013-2116 to this issue.

e. ESX third-party update for Service Console kernel

The ESX Service Console Operating System (COS) kernel is updated to kernel-2.6.18-348.3.1.el5 which addresses several security issues in the COS kernel.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CVE-2013-0268 and CVE-2013-0871 to these issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from VMware Security Advisory 2013-0009. 
# The text itself is copyright (C) VMware Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(69193);
  script_version("1.17");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");

  script_cve_id(
    "CVE-2013-0166",
    "CVE-2013-0169",
    "CVE-2013-0268",
    "CVE-2013-0338",
    "CVE-2013-0871",
    "CVE-2013-2116"
  );
  script_bugtraq_id(
    57778,
    57838,
    57986,
    58180,
    60215,
    60268
  );
  script_xref(name:"VMSA", value:"2013-0009");
  script_xref(name:"CEA-ID", value:"CEA-2019-0547");

  script_name(english:"VMSA-2013-0009 : VMware vSphere, ESX and ESXi updates to third-party libraries");

  script_set_attribute(attribute:"synopsis", value:
"The remote VMware ESXi / ESX host is missing one or more
security-related patches.");
  script_set_attribute(attribute:"description", value:
"a. vCenter Server and ESX userworld update for OpenSSL library

   The userworld OpenSSL library is updated to version openssl-0.9.8y
   to resolve multiple security issues.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the names CVE-2013-0169 and CVE-2013-0166 to these
   issues.

b. Service Console (COS) update for OpenSSL library

   The Service Console updates for OpenSSL library is updated to version
   openssl-0.9.8e-26.el5_9.1 to resolve multiple security issues.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the names CVE-2013-0169 and CVE-2013-0166 to these
   issues.

c. ESX Userworld and Service Console (COS) update for libxml2 library 

   The ESX Userworld and Service Console libxml2 library is updated to
   version libxml2-2.6.26-2.1.21.el5_9.1 and 
   libxml2-python-2.6.26-2.1.21.el5_9.1. to resolve a security issue.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CVE-2013-0338 to this issue.

d. Service Console (COS) update for GnuTLS library 

   The ESX service console GnuTLS RPM is updated to version
   gnutls-1.4.1-10.el5_9.1 to resolve a security issue.

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the name CVE-2013-2116 to this issue.

e. ESX third-party update for Service Console kernel 

   The ESX Service Console Operating System (COS) kernel is updated 
   to kernel-2.6.18-348.3.1.el5 which addresses several security
   issues in the COS kernel. 

   The Common Vulnerabilities and Exposures project (cve.mitre.org)
   has assigned the names CVE-2013-0268 and CVE-2013-0871 to these
   issues.");
  script_set_attribute(attribute:"see_also", value:"http://lists.vmware.com/pipermail/security-announce/2014/000230.html");
  script_set_attribute(attribute:"solution", value:
"Apply the missing patches.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"exploit_framework_canvas", value:"true");
  script_set_attribute(attribute:"canvas_package", value:"CANVAS");

  script_set_attribute(attribute:"patch_publication_date", value:"2013/07/31");
  script_set_attribute(attribute:"plugin_publication_date", value:"2013/08/02");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esx:4.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:4.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:5.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:vmware:esxi:5.1");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"VMware ESX Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2013-2022 Tenable Network Security, Inc.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/VMware/release", "Host/VMware/version");
  script_require_ports("Host/VMware/esxupdate", "Host/VMware/esxcli_software_vibs");

  exit(0);
}


include("audit.inc");
include("vmware_esx_packages.inc");


if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (!get_kb_item("Host/VMware/release")) audit(AUDIT_OS_NOT, "VMware ESX / ESXi");
if (
  !get_kb_item("Host/VMware/esxcli_software_vibs") &&
  !get_kb_item("Host/VMware/esxupdate")
) audit(AUDIT_PACKAGE_LIST_MISSING);


init_esx_check(date:"2013-07-31");
flag = 0;


if (
  esx_check(
    ver           : "ESX 4.0",
    patch         : "ESX400-201310401-SG",
    patch_updates : make_list("ESX400-201404401-SG")
  )
) flag++;

if (
  esx_check(
    ver           : "ESX 4.1",
    patch         : "ESX410-201307401-SG",
    patch_updates : make_list("ESX410-201312401-SG", "ESX410-201404401-SG")
  )
) flag++;
if (
  esx_check(
    ver           : "ESX 4.1",
    patch         : "ESX410-201307402-SG",
    patch_updates : make_list("ESX410-201312403-SG")
  )
) flag++;
if (esx_check(ver:"ESX 4.1", patch:"ESX410-201307403-SG")) flag++;
if (esx_check(ver:"ESX 4.1", patch:"ESX410-201307404-SG")) flag++;
if (esx_check(ver:"ESX 4.1", patch:"ESX410-201307405-SG")) flag++;

if (
  esx_check(
    ver           : "ESXi 4.0",
    patch         : "ESXi400-201310401-SG",
    patch_updates : make_list("ESXi400-201404401-SG")
  )
) flag++;

if (
  esx_check(
    ver           : "ESXi 4.1",
    patch         : "ESXi410-201307401-SG",
    patch_updates : make_list("ESXi410-201312401-SG", "ESXi410-201404401-SG")
  )
) flag++;

if (esx_check(ver:"ESXi 5.0", vib:"VMware:esx-base:5.0.0-2.38.1311177")) flag++;
if (esx_check(ver:"ESXi 5.0", vib:"VMware:misc-drivers:5.0.0-2.38.1311177")) flag++;
if (esx_check(ver:"ESXi 5.0", vib:"VMware:net-bnx2x:1.61.15.v50.1-2vmw.500.2.38.1311177")) flag++;

if (esx_check(ver:"ESXi 5.1", vib:"VMware:esx-base:5.1.0-1.22.1472666")) flag++;


if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:esx_report_get());
  else security_warning(0);
  exit(0);
}
else audit(AUDIT_HOST_NOT, "affected");
VendorProductVersionCPE
vmwareesx4.0cpe:/o:vmware:esx:4.0
vmwareesx4.1cpe:/o:vmware:esx:4.1
vmwareesxi4.1cpe:/o:vmware:esxi:4.1
vmwareesxi5.0cpe:/o:vmware:esxi:5.0
vmwareesxi5.1cpe:/o:vmware:esxi:5.1

Related

vmware 2
openvas 59
nessus 63
f5 2
centos 3
prion 4
cve 3
redhat 6
oraclelinux 7
ubuntucve 3
altlinux 5
freebsd 2
osv 1
fedora 4
freebsd_advisory 1
aix 1
debian 2
amazon 2
ibm 9
slackware 1
ubuntu 3
securityvulns 3
veracode 4
suse 2
debiancve 2
checkpoint_advisories 1
zdt 2
packetstorm 1
canvas 1
vmware
vmware
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
VMware vSphere, ESX and ESXi updates to third party libraries
2013-07-31 00:00:00
openvas
openvas
VMSA-2013-0009 VMware ESX and ESXi updates to third party libraries
2013-08-07 00:00:00
VMware ESXi/ESX updates to third party libraries (VMSA-2013-0009)
2013-08-07 00:00:00
RedHat Update for kernel RHSA-2013:0621-01
2013-03-12 00:00:00
nessus
nessus
VMware ESX / ESXi Third-Party Libraries Multiple Vulnerabilities (VMSA-2013-0009) (remote check)
2016-03-04 00:00:00
Oracle Linux 5 : ELSA-2013-0621-1: / kernel (ELSA-2013-06211)
2023-09-07 00:00:00
CentOS 5 : kernel (CESA-2013:0621)
2013-03-13 00:00:00
f5
f5
K15637 : GnuTLS vulnerability CVE-2013-2116
2014-10-16 00:00:00
SOL15637 - GnuTLS vulnerability CVE-2013-2116
2014-10-06 00:00:00
centos
centos
kernel security update
2013-03-12 05:51:58
openssl security update
2013-03-04 22:46:45
libxml2 security update
2013-03-01 00:45:13
prion
prion
Design/Logic Flaw
2013-07-03 18:55:00
Design/Logic Flaw
2013-04-25 23:55:00
Security feature bypass
2013-02-18 04:41:00
cve
cve
CVE-2013-2116
2013-07-03 18:55:00
CVE-2013-0338
2013-04-25 23:55:00
CVE-2013-0268
2013-02-18 04:41:00
redhat
redhat
(RHSA-2013:0621) Important: kernel security update
2013-03-11 00:00:00
(RHSA-2013:0636) Important: rhev-hypervisor6 security and bug fix update
2013-03-13 00:00:00
(RHSA-2013:0783) Moderate: openssl security update
2013-05-01 17:58:17
oraclelinux
oraclelinux
kernel security update
2013-03-11 00:00:00
1
2013-03-11 00:00:00
kernel security and bug fix update
2013-03-12 00:00:00
ubuntucve
ubuntucve
CVE-2013-2116
2013-05-29 00:00:00
CVE-2013-0338
2013-02-26 00:00:00
CVE-2013-0268
2013-02-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.0k-alt1
2013-02-27 00:00:00
freebsd
freebsd
FreeBSD -- OpenSSL multiple vulnerabilities
2013-04-02 00:00:00
OpenSSL -- TLS 1.1, 1.2 denial of service
2013-02-05 00:00:00
osv
osv
openssl - several vulnerabilities
2013-02-13 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: openssl-1.0.1e-3.fc18
2013-03-02 19:55:52
[SECURITY] Fedora 17 Update: openssl-1.0.0k-1.fc17
2013-03-08 00:02:36
[SECURITY] Fedora 18 Update: gnutls-2.12.23-2.fc18
2013-06-11 09:08:17
freebsd_advisory
freebsd_advisory
FreeBSD-SA-13:03.openssl
2013-04-02 00:00:00
aix
aix
Multiple OpenSSL vulnerabilities
2013-03-15 03:20:11
debian
debian
[SECURITY] [DSA 2621-1] openssl security update
2013-02-13 20:08:31
[SECURITY] [DSA 2697-1] gnutls26 security update
2013-05-29 19:59:42
amazon
amazon
Medium: openssl
2013-03-14 22:04:00
Medium: libxml2
2013-05-13 10:28:00
ibm
ibm
Security Bulletin: IBM Tivoli Network Manager - GSKit Security Vulnerabilities (CVE-2013-0169), (CVE-2012-2190) and (CVE-2013-0166)
2018-06-17 14:37:51
Security Bulletin: IBM Smart Analytics System 1050, 2050, and 5600 and IBM InfoSphere Balanced Warehouse C3000, C4000, and D5100 are affected by vulnerabilities in OpenSSL (CVE-2013-0166, CVE-2013-0169)
2022-09-25 23:13:40
Security Bulletin: Vulnerabilities in ClearCase OpenSSL Component (CVE-2013-0169, CVE-2012-2686, CVE-2013-0166)
2018-06-17 04:46:06
slackware
slackware
openssl
2013-02-09 15:03:57
ubuntu
ubuntu
OpenSSL vulnerabilities
2013-02-21 00:00:00
libxml2 vulnerability
2013-03-28 00:00:00
GnuTLS vulnerability
2013-05-29 00:00:00
securityvulns
securityvulns
gnutls DoS
2013-06-03 00:00:00
[ MDVSA-2013:171 ] gnutls
2013-06-03 00:00:00
[ MDVSA-2013:017 ] libxml2
2013-03-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:54:18
Denial Of Service (DoS)
2019-01-15 08:58:46
Authorization Bypass
2019-05-02 04:54:03
suse
suse
Security update for GnuTLS (important)
2013-06-20 22:04:17
Security update for GnuTLS (important)
2013-07-04 22:04:13
debiancve
debiancve
CVE-2013-0338
2013-04-25 23:55:00
CVE-2013-0268
2013-02-18 04:41:00
checkpoint_advisories
checkpoint_advisories
GnuTLS TLS Record Decoding Out-of-bounds Memory Access (CVE-2013-2116)
2013-08-25 00:00:00
zdt
zdt
Linux Kernel MSR Driver Privilege Escalation Vulnerability
2013-08-05 00:00:00
Linux Kernel 'MSR' Driver Local Privilege Escalation
2013-08-03 00:00:00
packetstorm
packetstorm
Linux Kernel MSR Driver Privilege Escalation
2013-08-04 00:00:00
canvas
canvas
Immunity Canvas: LINUX_PTRACE_SETREGS
2013-02-18 04:41:00
JSON
Related for VMWARE_VMSA-2013-0009.NASL
vmware2openvas59nessus63f52centos3prion4cve3redhat6oraclelinux7ubuntucve3altlinux5freebsd2osv1fedora4freebsd_advisory1aix1debian2amazon2ibm9slackware1ubuntu3securityvulns3veracode4suse2debiancve2checkpoint_advisories1zdt2packetstorm1canvas1