Oval Definition:oval:org.mitre.oval:def:5640
Revision Date:2010-05-17Version:5
Title:VMware ESX Openwsman Lets Local Users Gain Root Privileges
Description:Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2008-2097
Platform(s):VMWare ESX Server 2
VMWare ESX Server 3
Product(s):
Definition Synopsis
  • VMWare ESX Server 3.0.2 meets CVE-2008-2097
  • VMWare ESX Server 3.0.2 is installed
  • AND All patches must be installed to not be vulnerable
  • Patch ESX-1004727 is not installed
  • OR Patch ESX-1004821 is not installed
  • OR Patch ESX-1004216 is not installed
  • OR Patch ESX-1004726 is not installed
  • OR Patch ESX-1004722 is not installed
  • OR Patch ESX-1004724 is not installed
  • OR Patch ESX-1004719 is not installed
  • OR Patch ESX-1004219 is not installed
  • OR VMWare ESX Server 3.0.1 meets CVE-2008-2097
  • VMWare ESX Server 3.0.1 is installed
  • AND All patches must be installed to not be vulnerable
  • Patch ESX-1004186 is not installed
  • OR Patch ESX-1004728 is not installed
  • OR Patch ESX-1004725 is not installed
  • OR Patch ESX-1004721 is not installed
  • OR Patch ESX-1004723 is not installed
  • OR Patch ESX-1004190 is not installed
  • OR Patch ESX-1004189 is not installed
  • OR VMWare ESX Server 2.5.5 meets CVE-2008-2097
  • VMWare ESX Server 2.5.5 build 57619 or higher is installed
  • AND VMWare ESX Server 2.5.5 upgrade patch 8 is not installed
  • OR VMWare ESX Server 2.5.4 meets CVE-2008-2097
  • VMWare ESX Server 2.5.4 build 32233 or higher is installed
  • AND VMWare ESX Server 2.5.4 upgrade patch 19 is not installed
  • BACK