| Revision Date: | 2014-01-20 | Version: | 4 |
| Title: | VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm. |
| Description: | The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might allow local users to read arbitrary files by executing a program that relies on the pam_xauth PAM check. |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2010-3316
|
| Platform(s): | VMWare ESX Server 4.0
VMWare ESX Server 4.1
| Product(s): | |
| Definition Synopsis |
| Patch ESX410-201110207-SG is not installed VMware ESX Server 4.1 is installed
AND Patch ESX410-201110207-SG is not installed
OR Patch ESX400-201103404-SG is not installed
VMware ESX Server 4.0 is installed
AND Patch ESX400-201103404-SG is not installed
|