| Revision Date: | 2014-01-20 | Version: | 4 |
| Title: | VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. |
| Description: | pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment of the invoking application or service during execution of the namespace.init script, which might allow local users to gain privileges by running a setuid program that relies on the pam_namespace PAM check, as demonstrated by the sudo program. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2010-3853
|
| Platform(s): | VMWare ESX Server 4.0
VMWare ESX Server 4.1
| Product(s): | |
| Definition Synopsis |
| Patch ESX410-201110207-SG is not installed VMware ESX Server 4.1 is installed
AND Patch ESX410-201110207-SG is not installed
OR Patch ESX400-201103404-SG is not installed
VMware ESX Server 4.0 is installed
AND Patch ESX400-201103404-SG is not installed
|