| Revision Date: | 2014-01-20 | Version: | 4 |
| Title: | VMware ESXi and ESX updates to third party library and ESX Service Console |
| Description: | Cross-site scripting (XSS) vulnerability in the chg_passwd function in web/swat.c in the Samba Web Administration Tool (SWAT) in Samba 3.x before 3.5.10 allows remote authenticated administrators to inject arbitrary web script or HTML via the username parameter to the passwd program (aka the user field to the Change Password page). |
| Family: | unix | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2011-2694
|
| Platform(s): | VMWare ESX Server 4.0
VMWare ESX Server 4.1
| Product(s): | |
| Definition Synopsis |
| Patch ESX410-201201407-SG is not installed VMware ESX Server 4.1 is installed
AND Patch ESX410-201201407-SG is not installed
OR Patch ESX400-201203404-SG is not installed
VMware ESX Server 4.0 is installed
AND Patch ESX400-201203404-SG is not installed
|