NASLDB: VMSA-2009-0002 : VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
General
ID: 42178
Name: VMSA-2009-0002 : VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
Summary: Looks for patch(es) in esxupdate output
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C
Port: 0
Family: VMware ESX Local Security Checks
Type: Local
Description
a. Update for VirtualCenter and ESX patch update Apache Tomcat version
to 5.5.27
Update for VirtualCenter and ESX patch update the Tomcat package to
version 5.5.27 which addresses multiple security issues that existed
in the previous version of Apache Tomcat.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2008-1232, CVE-2008-1947 and
CVE-2008-2370 to these issues.
Exploiting
Exploit Available: True
Exploitability Ease: Exploits are available
Sources
CVE: CVE-2008-1232
OSVDB: –
Bugtraq: 30494
scipID: –
Timeline
Vulnerability Disclosure: –
Patch Release: 2009/02/23
Plugin Release: 2009/10/19
Plugin
Version: 1.12
Filename: vmware_VMSA-2009-0002.nasl
Filesize: 3157 bytes
MD5 Hash: 6e4bf86eb5d2504412af7a4b7690ebe5
Identification: –
Require Keys: Host/local_checks_enabled", "Host/VMware/version
Dependencies: "ssh_get_info.nasl"
Copyright: This script is© 2009-2012 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack