Oval Definition:
oval:org.mitre.oval:def:5640
Revision Date
:
2010-05-17
Version
:
5
Title
:
VMware ESX Openwsman Lets Local Users Gain Root Privileges
Description
:
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
Family
:
unix
Class
:
vulnerability
Status
:
ACCEPTED
Reference(s)
:
CVE-2008-2097
Platform(s)
:
VMWare ESX Server 2
VMWare ESX Server 3
Product(s)
:
Definition Synopsis
VMWare ESX Server 3.0.2 meets CVE-2008-2097
VMWare ESX Server 3.0.2 is installed
AND
All patches must be installed to not be vulnerable
Patch ESX-1004727 is not installed
OR
Patch ESX-1004821 is not installed
OR
Patch ESX-1004216 is not installed
OR
Patch ESX-1004726 is not installed
OR
Patch ESX-1004722 is not installed
OR
Patch ESX-1004724 is not installed
OR
Patch ESX-1004719 is not installed
OR
Patch ESX-1004219 is not installed
OR
VMWare ESX Server 3.0.1 meets CVE-2008-2097
VMWare ESX Server 3.0.1 is installed
AND
All patches must be installed to not be vulnerable
Patch ESX-1004186 is not installed
OR
Patch ESX-1004728 is not installed
OR
Patch ESX-1004725 is not installed
OR
Patch ESX-1004721 is not installed
OR
Patch ESX-1004723 is not installed
OR
Patch ESX-1004190 is not installed
OR
Patch ESX-1004189 is not installed
OR
VMWare ESX Server 2.5.5 meets CVE-2008-2097
VMWare ESX Server 2.5.5 build 57619 or higher is installed
AND
VMWare ESX Server 2.5.5 upgrade patch 8 is not installed
OR
VMWare ESX Server 2.5.4 meets CVE-2008-2097
VMWare ESX Server 2.5.4 build 32233 or higher is installed
AND
VMWare ESX Server 2.5.4 upgrade patch 19 is not installed
BACK