Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2014 Greenbone AGOPENVAS:1361412562310105087
HistorySep 11, 2014 - 12:00 a.m.

VMware ESXi updates to third party libraries (VMSA-2014-0008) - Remote Version Check

2014-09-1100:00:00
Copyright (C) 2014 Greenbone AG
plugins.openvas.org
19

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.973

Percentile

99.9%

JSON

VMware has updated ESXi third party libraries.

# SPDX-FileCopyrightText: 2014 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if (description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.105087");
  script_cve_id("CVE-2014-0114", "CVE-2013-4590", "CVE-2013-4322", "CVE-2014-0050", "CVE-2013-0242", "CVE-2013-1914");
  script_tag(name:"cvss_base", value:"7.5");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_version("2023-06-28T05:05:21+0000");
  script_name("VMware ESXi updates to third party libraries (VMSA-2014-0008) - Remote Version Check");

  script_xref(name:"URL", value:"http://www.vmware.com/security/advisories/VMSA-2014-0008.html");
  script_tag(name:"vuldetect", value:"Checks if a vulnerable build is present on the target host.");
  script_tag(name:"insight", value:"a. Update to ESXi glibc package

glibc is updated to address multiple security issues.");

  script_tag(name:"solution", value:"Apply the missing patch(es).");
  script_tag(name:"summary", value:"VMware has updated ESXi third party libraries.");

  script_tag(name:"affected", value:"VMware ESXi 5.5 without patch ESXi550-201409101-SG.");

  script_tag(name:"last_modification", value:"2023-06-28 05:05:21 +0000 (Wed, 28 Jun 2023)");
  script_tag(name:"creation_date", value:"2014-09-11 11:04:01 +0100 (Thu, 11 Sep 2014)");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_category(ACT_GATHER_INFO);
  script_family("General");
  script_copyright("Copyright (C) 2014 Greenbone AG");
  script_dependencies("gb_vmware_esx_web_detect.nasl");
  script_mandatory_keys("VMware/ESX/build", "VMware/ESX/version");

  exit(0);
}

include("vmware_esx.inc");

if( ! esxVersion = get_kb_item( "VMware/ESX/version" ) ) exit( 0 );
if( ! esxBuild = get_kb_item( "VMware/ESX/build" ) ) exit( 0 );

fixed_builds = make_array( "5.5.0", "2068190",
                           "5.1.0", "2323231" );

if( ! fixed_builds[esxVersion] ) exit( 0 );

if( int( esxBuild ) < int( fixed_builds[esxVersion] ) )
{
  security_message(port:0, data: esxi_remote_report( ver:esxVersion, build: esxBuild, fixed_build: fixed_builds[esxVersion] ) );
  exit(0);
}

exit( 99 );

Related

vmware 2
openvas 38
nessus 49
redhat 11
securityvulns 6
veracode 4
centos 4
oraclelinux 5
ibm 29
mageia 4
tomcat 2
fedora 4
amazon 2
ubuntu 1
atlassian 3
cve 3
osv 1
nvd 4
seebug 2
debiancve 4
ubuntucve 4
github 1
cvelist 4
prion 3
checkpoint_advisories 1
debian 3
packetstorm 2
f5 1
suse 1
exploitpack 1
vmware
vmware
VMware vSphere product updates to third party libraries
2014-09-09 00:00:00
VMware vSphere product updates to third party libraries
2014-09-09 00:00:00
openvas
openvas
VMware ESXi product updates to third party libraries (VMSA-2014-0008)
2014-09-11 00:00:00
VMware Security Updates for vCenter Server (VMSA-2014-0008)
2014-09-11 00:00:00
Apache Tomcat Multiple Vulnerabilities - 02 (Mar 2014)
2014-03-25 00:00:00
nessus
nessus
VMSA-2014-0008 : VMware vSphere product updates to third-party libraries
2014-09-11 00:00:00
Mandriva Linux Security Advisory : glibc (MDVSA-2013:163)
2013-05-08 00:00:00
CentOS 5 : glibc (CESA-2013:0769)
2013-04-26 00:00:00
redhat
redhat
(RHSA-2013:0769) Low: glibc security and bug fix update
2013-04-24 00:00:00
(RHSA-2013:1605) Moderate: glibc security, bug fix, and enhancement update
2013-11-21 00:00:00
(RHSA-2014:0429) Moderate: tomcat6 security update
2014-04-23 00:00:00
securityvulns
securityvulns
[ MDVSA-2013:163 ] glibc
2013-05-09 00:00:00
GNU glibc security vulnerabilities
2013-05-09 00:00:00
Apache Tomcat multiple security vulnerabilities
2014-03-31 00:00:00
veracode
veracode
Stack-based Buffer Overflow
2019-05-02 04:44:45
XML External Entity (XXE)
2019-01-15 08:58:51
Denial Of Service (DoS)
2019-01-15 08:52:21
centos
centos
glibc, nscd security update
2013-04-24 21:58:40
glibc, nscd security update
2013-11-26 13:31:38
tomcat6 security update
2014-04-23 19:07:14
oraclelinux
oraclelinux
glibc security and bug fix update
2013-04-24 00:00:00
glibc security, bug fix, and enhancement update
2013-11-25 00:00:00
tomcat6 security update
2014-04-23 00:00:00
ibm
ibm
Security Bulletin: Apache Tomcat and FileUpload Vulnerabilities in IBM UrbanCode Release (CVE-2014-0050, CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)
2018-06-17 22:31:46
Security Bulletin: ClassLoader manipulation with Apache Struts (CVE-2014-0114) and Denial Of Service vulnerability in Apache Commons FileUpload (CVE-2014-0050) affect IBM Business Process Manager (BPM) V8.5.5.0
2018-06-15 07:00:58
Security Bulletin: Apache Tomcat and FileUpload Vulnerabilities in IBM UrbanCode Deploy (CVE-2014-0050, CVE-2013-4286, CVE-2014-0033, CVE-2013-4322, CVE-2013-4590)
2018-06-17 22:31:44
mageia
mageia
Updated tomcat package fixes security vulnerabilities
2014-04-03 04:16:05
Updated tomcat package fixes security vulnerabilities
2014-04-03 04:16:05
Updated struts packages fix CVE-2014-0114
2014-05-15 02:13:20
tomcat
tomcat
Fixed in Apache Tomcat 7.0.50
2014-01-08 00:00:00
Fixed in Apache Tomcat 8.0.0-RC10
2013-12-26 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: tomcat-7.0.52-1.fc20
2014-09-26 09:02:42
[SECURITY] Fedora 18 Update: glibc-2.16-30.fc18
2013-03-30 21:30:28
[SECURITY] Fedora 17 Update: glibc-2.15-59.fc17
2013-06-02 01:58:33
amazon
amazon
Medium: glibc
2013-12-17 21:39:00
Medium: tomcat6
2014-05-21 10:45:00
ubuntu
ubuntu
Tomcat vulnerabilities
2014-03-06 00:00:00
atlassian
atlassian
CVE-2013-4590 vulnerability with Tomcat 7.0.42 shipped with Crowd 2.7.2
2014-05-24 04:42:42
CVE-2013-4590 vulnerability with Tomcat 7.0.42 shipped with Crowd 2.7.2
2014-05-24 04:42:42
Security vulnerability in apache commons fileupload
2014-02-10 05:56:15
cve
cve
CVE-2013-4590
2014-02-26 14:55:08
CVE-2013-1914
2013-04-29 22:55:01
CVE-2013-0242
2013-02-08 20:55:01
osv
osv
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-14 01:10:35
nvd
nvd
CVE-2013-4590
2014-02-26 14:55:08
CVE-2013-1914
2013-04-29 22:55:01
CVE-2013-0242
2013-02-08 20:55:01
seebug
seebug
Apache TomcatXML外部实体信息泄漏漏洞
2014-02-27 00:00:00
Apache Commons FileUpload/Apache Tomcat拒绝服务漏洞
2014-02-13 00:00:00
debiancve
debiancve
CVE-2013-4590
2014-02-26 14:55:00
CVE-2013-1914
2013-04-29 22:55:01
CVE-2013-0242
2013-02-08 20:55:01
ubuntucve
ubuntucve
CVE-2013-4590
2014-02-26 00:00:00
CVE-2013-0242
2013-02-08 00:00:00
CVE-2013-1914
2013-04-29 00:00:00
github
github
Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
2022-05-14 01:10:35
cvelist
cvelist
CVE-2013-4590
2014-02-26 11:00:00
CVE-2013-1914
2013-04-29 22:00:00
CVE-2013-0242
2013-02-08 20:00:00
prion
prion
Xxe
2014-02-26 14:55:00
Stack overflow
2013-04-29 22:55:00
Buffer overflow
2013-02-08 20:55:00
checkpoint_advisories
checkpoint_advisories
Apache Tomcat Large Chunked Transfer Denial of Service (CVE-2013-4322)
2014-03-05 00:00:00
debian
debian
[SECURITY] [DSA 2897-1] tomcat7 security update
2014-04-08 18:25:14
[SECURITY] [DSA 2856-1] libcommons-fileupload-java security update
2014-02-07 22:59:08
[SECURITY] [DSA 2940-1] libstruts1.2-java security update
2014-08-21 06:39:48
packetstorm
packetstorm
Apache Commons FileUpload and Apache Tomcat Denial of Service
2024-08-31 00:00:00
OSCAR EMR 15.21beta361 XSS / Disclosure / CSRF / Insecure Direct Object Reference
2018-08-23 00:00:00
f5
f5
SOL15189 - Apache Commons FileUpload vulnerability CVE-2014-0050
2014-04-18 00:00:00
suse
suse
Security update for struts (important)
2014-07-16 01:10:20
exploitpack
exploitpack
Apache Commons FileUpload and Apache Tomcat - Denial of Service
2014-02-12 00:00:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.9

Confidence

Low

EPSS

0.973

Percentile

99.9%

JSON
Related for OPENVAS:1361412562310105087
vmware2openvas38nessus49redhat11securityvulns6veracode4centos4oraclelinux5ibm29mageia4tomcat2fedora4amazon2ubuntu1atlassian3cve3osv1nvd4seebug2debiancve4ubuntucve4github1cvelist4prion3checkpoint_advisories1debian3packetstorm2f51suse1exploitpack1