50 matches found
MiracleLinux 9 : open-vm-tools-12.1.5-1.el9.1 (AXSA:2023-6173:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6173:04 advisory. open-vm-tools: authentication bypass vulnerability in the vgauth module CVE-2023-20867 Tenable has extracted the preceding description block directly from th...
MiracleLinux 7 : open-vm-tools-11.0.5-3.el7.6 (AXSA:2023-6175:05)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6175:05 advisory. open-vm-tools: authentication bypass vulnerability in the vgauth module CVE-2023-20867 Tenable has extracted the preceding description block directly from th...
TencentOS Server 3: open-vm-tools (TSSA-2023:0197)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0197 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 2: open-vm-tools (TSSA-2023:0123)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0123 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0076: open-vm-tools (ALINUX3-SA-2023:0076)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0076 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-20867: A fully compromised ESXi host can...
Security Bulletin: IBM DataPower Gateway Virtual Edition vulnerable to security bypass due to open-vm-tools (CVE-2023-20867)
Summary open-vm-tools provides an interface between IBM DataPower Gateway Virtual Edition and the hypervisor. This issue may permit a compromised hypervisor to perform unauthorized guest operations. Vulnerability Details CVEID:CVE-2023-20867 DESCRIPTION: VMware Tools could allow a local...
UNC3886 Uses Fortinet, VMware 0-Days and Stealth Tactics in Long-Term Spying
The China-nexus cyber espionage actor linked to the zero-day exploitation of security flaws in Fortinet, Ivanti, and VMware devices has been observed utilizing multiple persistence mechanisms in order to maintain unfettered access to compromised environments. "Persistence mechanisms encompassed...
CentOS 9 : open-vm-tools-12.2.0-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the open-vm- tools-12.2.0-3.el9 build changelog. - authentication bypass vulnerability in the vgauth module rhel-br-9 CVE-2023-20867 Note that Nessus has not tested for this issue but has...
Fedora 39 : open-vm-tools (2023-20b6ac4b6c)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-20b6ac4b6c advisory. Package new upstream version of open-vm-tools-12.3.0-22234872. Security fix for CVE-2023-20900, CVE-2023-20867 Tenable has extracted the preceding...
Fedora: Security Advisory for open-vm-tools (FEDORA-2023-9b1a1023ac)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2023-1630 open-vm-tools security update
The project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and libraries of...
Fedora: Security Advisory for open-vm-tools (FEDORA-2023-df375d0634)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15: libvmtools-devel / libvmtools0 / open-vm-tools / etc (SUSE-SU-2023:2604-2)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2604-2 advisory. - CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module bsc1212143. Bug fixes: - Fixed build problem with grpc 1.54...
Debian: Security Advisory (DSA-5493-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:2604-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DSA 5493-1] open-vm-tools security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5493-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 10, 2023 https://www.debian.org/security/faq -...
SUSE SLES15: libvmtools-devel / libvmtools0 / open-vm-tools / etc (SUSE-SU-2023:3505-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3505-1 advisory. - CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module bsc1212143. - CVE-2023-20900: Fixed SAML token...
SUSE SLES15: libvmtools-devel / libvmtools0 / open-vm-tools / etc (SUSE-SU-2023:3504-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3504-1 advisory. - CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module bsc1212143. - CVE-2023-20900: Fixed SAML token...
[SECURITY] [DLA 3531-1] open-vm-tools security update
----------------------------------------------------------------------- Debian LTS Advisory DLA-3531-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta August 16, 2023 https://wiki.debian.org/LTS -...
Debian dla-3531 : open-vm-tools - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3531 advisory. - ----------------------------------------------------------------------- Debian LTS Advisory DLA-3531-1 [email protected] https://www.debian.org/lts/security/...