The remote ESXi is missing one or more security related Updates from VMSA-2011-0004.3. Summary Service Location Protocol daemon (SLPD) denial of service issue and ESX 4.0 Service Console OS (COS) updates for bind, pam, and rpm. Relevant releases VMware ESXi 4.1 without patch ESXi410-201101201-SG. VMware ESXi 4.0 without patch ESXi400-201103401-SG. VMware ESX 4.1 without patches ESX410-201101201-SG, ESX410-201104407-SG and ESX410-201110207-SG. VMware ESX 4.0 without patches ESX400-201103401-SG, ESX400-201103404-SG, ESX400-201103406-SG and ESX400-201103407-SG. Problem Description a. Service Location Protocol daemon DoS This patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon (SLPD). Exploitation of this vulnerability could cause SLPD to consume significant CPU resources. b. Service Console update for bind This patch updates the bind-libs and bind-utils RPMs to version 9.3.6-4.P1.el5_5.3, which resolves multiple security issues. c. Service Console update for pam This patch updates the pam RPM to pam_0.99.6.2-3.27.5437.vmw, which resolves multiple security issues with PAM modules. d. Service Console update for rpm, rpm-libs, rpm-python, and popt This patch updates rpm, rpm-libs, and rpm-python RPMs to 126.96.36.199-20.el5_5.1, and popt to version 188.8.131.52-20.el5_5.1, which resolves a security issue.
Apply the missing patch(es).
Updated on 2015-03-25
CVE CVE-2010-2059, CVE-2010-3316, CVE-2010-3435, CVE-2010-3609, CVE-2010-3613, CVE-2010-3614, CVE-2010-3762, CVE-2010-3853
CVSS Base Score: 7.2
- VMSA-2012-0006 VMware ESXi and ESX address several security issues
- VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries
- VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console
- VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
- VMSA-2011-0004.3 VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.