12 matches found
EUVD-2016-8316
Malware in sbrugna...
Qualys Policy Compliance Notification: Policy Library Update
Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from OS an...
ESXi 6.0 < Build 5485776 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)
The version of the remote VMware ESXi 6.0 host is prior to build 5224529. It is, therefore, affected by multiple vulnerabilities in VMWare Tools and the bundled OpenSSL and Python packages, as well as a NULL pointer dereference vulnerability related to handling RPC requests that could allow an...
Null pointer dereference
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation 12.x before 12.5.3, Fusion 8.x before 8.5.4 contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC request...
CVE-2017-4905
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x...
CVE-2017-4904
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; an...
ESXi 6.0 U1 < Build 5251621 / 6.0 U2 < Build 5251623 / 6.0 U3 < Build 5224934 Multiple Vulnerabilities (VMSA-2017-0006) (remote check)
The version of the remote VMware ESXi 6.0 host is 6.0 U1 prior to build 5251621, 6.0 U2 prior to build 5251623, or 6.0 U3 prior to build 5224934. It is, therefore, affected by multiple vulnerabilities : - A stack memory initialization flaw exists that allows an attacker on the guest to execute...
VMware ESXi updates address a cross-site scripting issue (VMSA-2016-003) - Remote Version Check
VMware ESXi updates address a critical glibc security vulnerability SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Crlf injection
CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...
CVE-2016-5331
CVE-2016-5331 describes a CRLF/HTTP header injection vulnerability in VMware vCenter Server 6.0 (before U2) and ESXi 6.0. The underlying issue is CRLF injection that allows remote attackers to manipulate HTTP headers and perform HTTP response splitting via unspecified vectors. Impact is stated as...
ESXi 6.0 < Build 3380124 Shared Folders (HGFS) Guest Privilege Escalation (VMSA-2016-0001) (remote check)
The remote VMware ESXi 6.0 host is prior to build 3380124. It is, therefore, affected by a guest privilege escalation vulnerability in the Shared Folders HGFS feature due to improper validation of user-supplied input. A local attacker can exploit this to corrupt memory, resulting in an elevation ...
Backup and Replicas of virtual machines running on ESXi 6.0.x with Change Block Tracking (CBT) enabled may not be recoverable
Challenge Leveraging VMware Changed Block Tracking CBT data supplied by VMware ESXi 6.0 can potentially render the data in backups or replicas inconsistent or corrupt. Cause This is a VMware ESXi issue in CBT logic that affects ESXi 6.0 through ESXi 6.0 Update 1a. It is resolved with VMware ESXi...