The remote ESXi is missing one or more security related Updates from VMSA-2011-0012.3. Summary VMware ESXi and ESX updates to third party libraries and ESX Service Console address several security issues. Relevant releases ESXi 5.0 without patch ESXi500-201112401-SG. ESXi 4.1 without patch ESXi410-201110201-SG. ESX 4.1 without patches ESX410-201110201-SG and ESX410-201110224-SG. ESXi 4.0 without patch ESXi400-201110401-SG. ESX 4.0 without patches ESX400-201110401-SG, ESX400-201110403-SG and ESX400-201110409-SG. ESXi 3.5 without patch ESXe350-201203401-I-SG. ESX 3.5 without patch ESX350-201203403-SG. Problem Description a. ESX third party update for Service Console kernel This update takes the console OS kernel package to kernel-2.6.18-238.9.1 which resolves multiple security issues. b. ESX third party update for Service Console krb5 RPMs This patch updates the krb5-libs and krb5-workstation RPMs of the console OS to version 1.6.1-55.el5_6.1, which resolves multiple security issues. c. ESXi and ESX update to third party component glibc The glibc third-party library is updated to resolve multiple security issues. d. ESX update to third party drivers mptsas, mpt2sas, and mptspi The mptsas, mpt2sas, and mptspi drivers are updated which addresses multiple security issues in the mpt2sas driver.
Apply the missing patch(es). See Also: http://www.vmware.com/security/advisories/VMSA-2011-0012.html
CVSS Base Score: 7.9
- VMSA-2013-0002 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
- VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation
- VMSA-2014-0003 VMware vSphere Client updates address security vulnerabilities
- VMSA-2013-0001 VMware vSphere security updates for the authentication service and third party libraries
- VMSA-2013-0003 VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.