Oval Definition:	oval:org.mitre.oval:def:20630
Revision Date: 2014-01-20 Version: 4 Title: VMware ESXi and ESX updates to third party library and ESX Service Console Description: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2011-2192 Platform(s): VMWare ESX Server 4.0 VMWare ESX Server 4.1 Product(s): Definition Synopsis Patch ESX410-201201402-SG is not installed VMware ESX Server 4.1 is installed AND Patch ESX410-201201402-SG is not installed OR Patch ESX400-201203403-SG is not installed VMware ESX Server 4.0 is installed AND Patch ESX400-201203403-SG is not installed
BACK