Oval Definition:	oval:org.mitre.oval:def:20404
Revision Date: 2014-01-20 Version: 4 Title: VMware ESX third party updates for Service Console packages glibc and dhcp Description: drivers/scsi/mpt2sas/mpt2sas_ctl.c in the Linux kernel 2.6.38 and earlier does not validate (1) length and (2) offset values before performing memory copy operations, which might allow local users to gain privileges, cause a denial of service (memory corruption), or obtain sensitive information from kernel memory via a crafted ioctl call, related to the _ctl_do_mpt_command and _ctl_diag_read_buffer functions. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-1495 Platform(s): VMWare ESX Server 3.5 VMWare ESX Server 4.0 VMWare ESX Server 4.1 Product(s): Definition Synopsis Patch ESX410-201110224-SG is not installed VMware ESX Server 4.1 is installed AND Patch ESX410-201110224-SG is not installed OR Patch ESX400-201110409-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201110409-SG is not installed OR Patch ESX350-201203403-SG is not installed VMware ESX Server 3.5.0 is installed AND Patch ESX350-201203403-SG is not installed
BACK