Oval Definition:	oval:org.mitre.oval:def:20416
Revision Date: 2014-01-20 Version: 4 Title: VMware ESXi and ESX updates to third party library and ESX Service Console Description: The is_cgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-1015 Platform(s): VMWare ESX Server 4.0 VMWare ESX Server 4.1 Product(s): Definition Synopsis Patch ESX410-201201405-SG is not installed VMware ESX Server 4.1 is installed AND Patch ESX410-201201405-SG is not installed OR Patch ESX400-201203402-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201203402-SG is not installed
BACK